Lukas Güthing

Context: Attack-Fault-Trees describe paths that can lead to a system failure. Events are either attacks (compromising security) or faults (compromising safety) that are combined by gates, comparable to logical gates in combinatorial logic. Variability-Aware Attack-Fault-Trees add variability information to events and gates to make them suitable for configurable systems. To our knowledge, there is no open-source tool to model and potentially analyze (variability-aware) attack-fault-trees.

Goal: Develop a graphical editor to model Variability-Aware Attack-Fault-Trees and enable automatic safety/security analyses for system families.

Context: Prior knowledge of product lines is not required but might be helpful. Knowledge about UPPAAL SMC can be helpful.