Extending Attack-Fault Trees with Runtime Verification
Rafael C. Cardoso (University of Aberdeen), Angelo Ferrando (University of Genova), Michael Fisher (The University of Manchester)

TL;DR
This paper introduces RVAFTs, an extension of Attack-Fault Trees that incorporates runtime events to enable effective detection of failures caused by attacks or faults in autonomous systems.
Contribution
The paper presents RVAFTs, a novel extension of AFTs that integrates runtime verification, enhancing fault and attack detection in complex autonomous systems.
Findings
Effective detection of faults and attacks demonstrated
Improved process of instrumentation for runtime verification
Evaluation of computational overhead of monitors
Abstract
Autonomous systems are often complex and prone to software failures and cyber-attacks. We introduce RVAFTs, an extension of Attack-Fault Trees (AFTs) with runtime events that can be used to construct runtime monitors. These monitors are able to detect when failures, which can be caused either by an attack or by a fault, occur. The safety and security properties monitored are, in turn, derived from the hierarchical decomposition of RVAFTs. Our approach not only provides further use of AFTs, but also improves the process of instrumentation often required in runtime verification. We explain the principles and provide a simple case study demonstrating how RVAFTs can be used in practice. Through this we are also able to evaluate the detection of faults and attacks as well as assess the computational overhead of the monitors.
