About Attack Models
Attack Models is a curated, defensive-first knowledge hub for attack modeling across IT, cloud, and cyber-physical systems. The intent is to make strong modeling practice easier to learn, easier to compare, and easier to operationalize into evidence, tests, and resilience work.
What we mean by an attack model
An attack model is a reasoning artifact that links prerequisites to actions and effects under explicit constraints. Good models are precise enough to be tested, but abstract enough to travel across environments. On this site, models are written to support defenders: every step is paired with what can be observed and what can be done to prevent, detect, limit, or recover.
Why OT and CPS require deeper constraints
In OT and CPS, cyber steps are inseparable from process reality. Feasibility is shaped by zoning and reachability, role and workstation dependencies, protocol semantics, deterministic timing, safety interlocks, and physics-informed operating envelopes. These constraints shape not only what an attacker can do, but also what indicators should move and how impact can propagate through coupled units.
Flagship features
The Attack Model Composer turns selected context into an exportable, structured model with prerequisites, actions, observables, mitigations, and a defensible scorecard. It is designed for education, planning, and hypothesis generation, and it provides a stable structure you can extend with site-specific facts.
The Evidence Packs workflow converts a structured model into a defender-ready evidence map, an observability score, and a safe validation plan. In the Premium edition, packs can be tailored using an environment profile, telemetry inventory, and optional export schemas so the outputs match your tooling and retention reality.
Tooling using latent methods
Where environment data is available, our latent-method tooling builds on the Composer structure to add reachability, dependency, and constraint checks, and to quantify impact pathways more rigorously. The Composer remains valuable on its own, while the latent-method layer grounds models in a specific architecture and operating context.
Editorial principles
- Primary sources first. Prefer standards, specifications, and original papers over summaries.
- Operational outputs. Every concept should translate into tasks, indicators, tests, or resilience decisions.
- Clear terminology. Where communities disagree, we state the definition used and link to sources.
- Ethical use. Content is written to support defense, education, and research.
Companion hubs
If you want deeper dives on adjacent topics, these companion hubs may help:
- AttackModeling focuses on workflows, templates, and running modeling in real teams.
- AttackGraphs focuses on graph generation, scoring, and graph-based analysis.
Contact
For collaboration, partnerships, or further information, reach us at:
Disclaimer
This site is educational. It does not provide legal advice, and it is not intended to enable wrongdoing. If you work with real systems, follow applicable laws, obtain authorization, and apply safety-aware testing practices.