AttackTree provides the functionality to model threats to your system using threat analysis (J3061 and ISO-26262) and attack trees. In addition mitigation trees allow you to construct graphical representations of measures designed to reduce the consequences of a successful attack.
Threat Modeling using Attack Trees
Attack trees allow threats against system security to be modeled concisely in a graphical format to create a security risk assessment. The effectiveness of cyber security, network security, banking system security, automotive cybersecurity, installation and personnel security may all be modeled using attack trees.
With the increased risk of terrorist attacks on homeland security, hacking attacks on computer systems and computer-based fraud on banking systems, the AttackTree security analyzer is an invaluable tool to system designers and security personnel for security assessment.
AttackTree provides a method to model and report the threats against a system in a graphical easy-to-understand manner. If we understand the ways in which a system can be attacked, we can develop countermeasures to prevent those attacks achieving their goal.
In order for an attack to succeed, the attack has to be initiated and various barriers overcome by the attacker. There may be different ways in which an individual or team could mount an attack on a system and there may be different levels of defense against different types of attack.
Attack trees provide a graphical representation of how attacks might succeed and allow a probabilistic analysis of which attacks are most likely to succeed. The methodology can also reveal the vulnerability of your system, under specified constraints. For example, what are the most probable ways in which an attack will succeed in its objective at a relatively low cost to the attacker?
Using AttackTree to Model Threats
AttackTree, through the use of attack tree models, allows the user to model the probability that different attacks will succeed. AttackTree also allows users to define indicators that quantify the cost of an attack, the operational difficulty in mounting the attack and any other relevant quantifiable measure that may be of interest.
Questions such as ‘which attacks have the highest probability of success at a low cost to the attacker?’ or ‘which attacks have the highest probability of success with no special equipment required?’ can be answered using AttackTree.
In AttackTree, different categories and levels of consequence may also be assigned to nodes in the attack tree. A successful attack may have financial, political, operational and safety consequences. A partially successful attack may have a different level of consequence to a totally successful attack. All these types of consequence measure may be modeled in AttackTree.
Threat Modeling with AttackTree
AttackTree provides the framework for threat modeling, performing threat analysis and risk assessment according to well known standards such as J3061 and ISO-26262. Users may also customize the analysis using their own consequence categories and severity weightings, likelihood categories and risk levels.
Modeling Threat Mitigation with AttackTree
AttackTree may also be used to model the effect of mitigating measures designed to reduce the consequences of a successful attack. Mitigating measures might include procedures for reducing the effects of data breaches, implementing a timely public relations plan or a providing a rapid emergency response. Mitigating measures may be graphically represented in AttackTree using mitigation trees.
Windows 10 Compatibility
Isograph’s AttackTree has been tested and verified as compatible with 64-bit Windows 10 with Internet Explorer 11/Edge and is supported on the Current Branch, Current Branch for Business and the Long Term Servicing Branch