# Minimal Schedule with Minimal Number of Agents in Attack-Defence Trees This repository hosts the results for the paper. ## Clone this repository: ``` git clone https://depot.lipn.univ-paris13.fr/parties/publications/minimal-scheduling.git && cd minimal-scheduling ``` ## Folder Structure ``` . └── results # folder with the ADTree models and the minimal assignments ``` ## Results ### Forestall #### ADTree model ![forestall ADTree](results/forestall/model/forestall.png) #### Minimal Scheduling ### Gain Admin #### ADTree model ![gain-admin ADTree](results/gain-admin/model/gain-admin.png) #### Minimal Scheduling ### Interrupted #### ADTree model ![interrupted ADTree](results/interrupted/model/interrupted.png) #### Minimal Scheduling ![interrupted Assignment](results/interrupted/assignment/interrupted_scheduling_1.png) ### Compromise IoT device (iot-dev) This model describes an attack to an Internet-of-Things (IoT) device either via wireless or wired LAN. Once the attacker gains access to the private network and has acquired the corresponding credentials, it can exploit a software vulnerability in the IoT device to run a malicious script. Our ADTree adds defence nodes on top of the attack trees used in [4]. #### ADTree model ![iot-dev ADTree](results/iot-dev/model/iot-dev.png) #### Minimal Scheduling ### Last #### ADTree model ![last ADTree](results/last/model/last.png) #### Minimal Scheduling ![last Assignment](results/last/assignment/last_scheduling_1.png) ### Toy Example #### ADTree model ![toy-example ADTree](results/toy-example/model/toy-example.png) #### Minimal Scheduling ![toy-example Assignment](results/toy-example/assignment/toy_example_scheduling_1.png) ### Treasure Hunters It models thieves that try to steal a treasure in a museum. To achieve their goal, they first must access the treasure room, which involves bribing a guard (b), and forcing the secure door (f). Both actions are costly and take some time. Two coalitions are possible: either a single thief has to carry out both actions, or a second thief could be hired to parallelise b and f. After these actions succeed the attacker/s can steal the treasure (ST), which takes a little time for opening its display stand and putting it in a bag. If the two-thieves coalition is used, we encode in ST an extra 90 € to hire the second thief — the computation function of the gate can handle this plurality — else ST incurs no extra cost. Then the thieves are ready to flee (TF), choosing an escape route to get away (GA): this can be a spectacular escape in a helicopter (h), or a mundane one via the emergency exit (e). The helicopter is expensive but fast while the emergency exit is slower but at no cost. Furthermore, the time to perform a successful escape could depend on the number of agents involved in the robbery. Again, this can be encoded via computation functions in gate GA. As soon as the treasure room is penetrated (i.e. after b and f but before ST) an alarm goes off at the police station, so while the thieves flee the police hurries to intervene (p). The treasure is then successfully stolen iff the thieves have fled and the police failed to arrive or does so too late. This last possibility is captured by the condition associated with the treasure stolen gate (TS), which states that the arrival time of the police must be greater than the time for the thieves to steal the treasure and go away. #### ADTree model ![Treasure Hunters ADTree](results/treasure-hunters/model/treasure-hunters.png) #### Minimal Scheduling ### Tricky #### ADTree model ![tricky ADTree](results/tricky/model/tricky.png) #### Minimal Scheduling ![tricky Assignment](results/tricky/assignment/tricky_scheduling_1.png) ## Authors - Jaime Arias (LIPN, CNRS UMR 7030, Université Sorbonne Paris Nord) - Wojciech Penczek (Institute of Computer Science, PAS, Warsaw University of Technology) - Laure Petrucci (LIPN, CNRS UMR 7030, Université Sorbonne Paris Nord) - Teofil Sidoruk (Institute of Computer Science, PAS, Warsaw University of Technology) ## Abstract