METHOD AND DEVICE FOR ANALYZING THE SECURITY OF AN INFORMATION SYSTEM

摘要

The security of an information system is built up by iterative phases of defence and attack. The defence phase models the system (1) and stores the model in a file (11) then defines behaviour rules (2) and stores them (12). The attack phase specifies attacks (3) leading to attack scenarios (13) and an interactive simulation (4) with results stored in a logbook (14) An Independent claim is also included for: Equipment for the method which includes a man/machine interface for the modelling phase and an attack/display motor for the simulation phase