Refinement of Systems with an Attacker Focus

Tools and techniques for assessing the possibilities and impacts of attacks on IT systems are necessary to ensure the IT systems upon which society depends on continue to operate despite targeted attacks. This reality compels the development of intuitive brainstorming formalisms like attack-defense trees. With an attack-defense tree and a suitable system description, one can validate if a system succumbs to or withstands a described attack. Yet having established a secure system, it is still necessary to understand if and how system security may or may not be compromised or improved when the system requires modifications. Our research describes how we develop and implement a modeling methodology to resolve attacker-oriented refinement between systems.