Security Risk Assessments: Modeling and Risk Level Propagation
نویسندگان
چکیده
Security risk assessment is an important task in systems engineering. It used to derive security requirements for a secure system design and evaluate alternatives as well vulnerabilities. also complex interdisciplinary task, where experts from the application domain have collaborate understand each other. Automated tool-supported approaches are desired help manage complexity. However, models engineering usually focus on functional behavior lack security-related aspects. Therefore, we present our modeling approach that alleviates communication between involved features steps of computer-aided achieve consistency avoid omission errors. We demonstrate with example. describe how model impact rating attack feasibility estimation modular fashion, along propagation aggregation these estimations through model. As result, can make local decisions or changes model, which turn provides overall profile. Finally, discuss advantages model-based method.
منابع مشابه
Vulnerability identification errors in security risk assessments
......................................................................................................................... 2 Acknowledgements ........................................................................................................ 6 Table of
متن کاملMetaStar Security Risk Assessments: HIPAA and Meaningful Use.
• Vulnerability identification—Identify system’s weaknesses. • Control analysis—Analyze controls in place to prevent vulnerabilities from being exploited. • Likelihood determination—Determine probability of a vulnerability being exploited. • Impact analysis—Analyze impact on organization should a vulnerability be exploited. • Risk determination—Develop prioritized listing of risks (ie, gaps in ...
متن کاملStrategic security management: risk assessments in the environment of care.
Securing the environment of care is a challenging and continuous effort for most healthcare security managers, who face unique challenges in balancing the open campus environment with the protection needs of the hospital's patients, employees, and other assets. By conducting a comprehensive risk assessment, hospital security managers can prioritize identified risks, develop an effective hospita...
متن کاملSystems Risk Analysis UsingHierarchical Modeling
A fresh look at the system analysis helped us in finding a new way of calculating the risks associated with the system. The author found that, due to the shortcomings of RPN, more researches needed to be done in this area to use RPNs as a new source of information for system risk analysis. It is the purpose of this article to investigate the fundamental concepts of failure modes and effects ana...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Cyber-Physical Systems
سال: 2023
ISSN: ['2378-962X', '2378-9638']
DOI: https://doi.org/10.1145/3569458