Attack-defense trees

Barbara Kordy, Sjouke Mauw, Saša Radomirović, Patrick Schweitzer (Lead / Corresponding author)

Research output: Contribution to journalArticlepeer-review

115 Citations (Scopus)


Attack-defense trees are a novel methodology for graphical security modelling and assessment. They extend the well- known formalism of attack trees by allowing nodes that represent defensive measures to appear at any level of the tree. This enlarges the modelling capabilities of attack trees and makes the new formalism suitable for representing interactions between an attacker and a defender. Our formalization supports different semantical approaches for which we provide usage scenarios. We also formalize how to quantitatively analyse attack and defense scenarios using attributes.

Original languageEnglish
Pages (from-to)55-87
Number of pages33
JournalJournal of Logic and Computation
Issue number1
Early online date21 Jun 2012
Publication statusPublished - Feb 2014


  • Attack trees
  • Attack-defense trees
  • Attributes
  • Complete set of axioms
  • Countermeasures
  • Security assessment
  • Semantics

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Software
  • Arts and Humanities (miscellaneous)
  • Hardware and Architecture
  • Logic


Dive into the research topics of 'Attack-defense trees'. Together they form a unique fingerprint.

Cite this