Sashwath Ragothaman (2336467) Sashwath Ragothaman

Comparison of fault trees and attack trees

Project Abstract

. The main motivation for me to take up this project is Risk Assessment. I always wanted to get into the field of risk management and assessment and this project will be helpful to gain a better clarity of the standards of ISO 21434 which uses TARA methodology. The basic analysis for the risk assessment was fault tree and attack tree which also comes under TARA methodology. This project also led me to learn more topics and an idea of how the tools regarding the trees work in the ground reality.The distinctions between attack trees and fault trees?��two essential tools for system security and risk assessment?��are examined in this research. Based in reliability engineering, fault trees use top-down decomposition to analyze system faults and help identify failure paths and remedies. Attack trees, on the other hand, are a computer security technique that use bottom-up analysis to model danger vectors and create countermeasures. This study evaluates their effectiveness, benefits, and applications and finds a significant commonality. Attack trees are good at modeling security threats, whereas fault trees are better at analyzing system failures. They are useful for thorough risk assessment due to their complementing characteristics. The dissertation emphasizes their practical value in areas like vehicle cybersecurity and critical infrastructure protection, especially in infotainment systems, through case studies and empirical�?validation.

Keywords: fault and attack trees, TARA, Automotive cybersecurity

 

 Conference Details

 

Session: Presentation Stream 24 at Presentation Slot 6

Location: College 017 at Wednesday 8th 09:00 – 12:30

Markers: Fabio Caraffini, Nader Al Khatib (GTA)

Course: MSc Cyber Security, Masters PG

Future Plans: I’m looking for work