@inproceedings{984c238109494ae4a02695cfa2ac969f,
title = "Attribute Repair for Threat Prevention",
abstract = "We propose a model-based procedure for preventing security threats using formal models. We encode system models and threats as satisfiability modulo theory (SMT) formulas. This model allows us to ask security questions as satisfiability queries. We formulate threat prevention as an optimization problem over the same formulas. The outcome of our threat prevention procedure is a suggestion of model attribute repair that eliminates threats. We implement our approach using the state-of-the-art Z3 SMT solver and interface it with the threat analysis tool THREATGET. We demonstrate the value of our procedure in two case studies from automotive and smart home domains.",
author = "Thorsten Tarrach and Masoud Ebrahimi and Sandra K{\"o}nig and Christoph Schmittner and Roderick Bloem and Dejan Ni{\v c}kovi{\'c}",
note = "Publisher Copyright: {\textcopyright} 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 42nd International Conference on Computer Safety, Reliability and Security : SAFECOMP 2023, SAFECOMP 2023 ; Conference date: 20-09-2023 Through 22-09-2023",
year = "2023",
doi = "10.1007/978-3-031-40923-3_11",
language = "English",
isbn = "9783031409226",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "135--148",
editor = "J{\'e}r{\'e}mie Guiochet and Stefano Tonetta and Friedemann Bitsch",
booktitle = "Computer Safety, Reliability, and Security - 42nd International Conference, SAFECOMP 2023, Proceedings",
address = "Germany",
}