Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment of threats and countermeasures. This thesis focuses on the formal modelling of security using attack and defence trees. These are used to represent and quantify potential attacks in order to better understand the security issues that the analyzed system may face. They therefore make it possible to guide an expert in the choice of countermeasures to be implemented to secure their system. The main contributions of this thesis are as follows: - The enrichment of the attack and defence tree model allowing the analysis of real security scenarios. In particular, we have developed the theoretical foundations and quantitative evaluation algorithms f...
Cyber breaches have grown exponentially over the years, both in the number of incidents and in damag...
Security risk analysis is the term used to describe the analysis of critical facilities in which the...
This thesis presents a novel framework for security risk assessment (SRA) and identification, compri...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
En analyse de risques, les arbres d’attaque sont utilisés pour évaluer les menaces sur un système. L...
National audienceRisk Analysis is a discipline consisting in identifying and evaluating risks that t...
Information systems constitute an increasingly attractive target for attackers. Given the number and...
Les systèmes embarqués traitent et manipulent de plus en plus de données sensibles. La sécurité de c...
Current computing systems have to protect the data they hold and to fit easily into versatile workin...
peer reviewedRisk treatment is an important part of risk management, and deals with the question whi...
International audiencePerforming a thorough security risk assessment of an organisation has always b...
Performing a thorough security risk assessment of an organisation has always been challenging, but w...
Current Security Information and Event Management systems (SIEMs) constitute the central platform of...
Cyber breaches have grown exponentially over the years, both in the number of incidents and in damag...
Security risk analysis is the term used to describe the analysis of critical facilities in which the...
This thesis presents a novel framework for security risk assessment (SRA) and identification, compri...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
En analyse de risques, les arbres d’attaque sont utilisés pour évaluer les menaces sur un système. L...
National audienceRisk Analysis is a discipline consisting in identifying and evaluating risks that t...
Information systems constitute an increasingly attractive target for attackers. Given the number and...
Les systèmes embarqués traitent et manipulent de plus en plus de données sensibles. La sécurité de c...
Current computing systems have to protect the data they hold and to fit easily into versatile workin...
peer reviewedRisk treatment is an important part of risk management, and deals with the question whi...
International audiencePerforming a thorough security risk assessment of an organisation has always b...
Performing a thorough security risk assessment of an organisation has always been challenging, but w...
Current Security Information and Event Management systems (SIEMs) constitute the central platform of...
Cyber breaches have grown exponentially over the years, both in the number of incidents and in damag...
Security risk analysis is the term used to describe the analysis of critical facilities in which the...
This thesis presents a novel framework for security risk assessment (SRA) and identification, compri...