tags: #publish links: [[Security]] created: 2021-02-17 Wed --- # Attack Trees https://www.schneier.com/academic/archives/1999/12/attack_trees.html A methodology to model threats against (computer) systems. Start from the goal, as the root node, then work backward in time/causation. Final actions to get to the goal become multiple child trees, each node marked as possible or impossible. Some steps may "and" their child trees, some "or". Some subtrees may be shared. Then continue to explore the chains leading to the child nodes until you get to starting point actions. Then, use the tree to analyse possible attacks and priority of defenses, perhaps annotating nodes with costs etc.