This article describes the fundamentals of logic trees used in decision and risk analysis. We include in the broad definition of logic trees any conceptual or mathematical model that describes scenarios of events and/or decisions in a treelike structure. Logic trees are important tools for analyzing uncertain events, defining accident scenarios, assessing risk, calculating joint probability distributions, and evaluating decision options. Six types of logic trees are described, compared, and illustrated in this article: fault trees, success trees, attack trees, event trees, probability trees, and decision trees. Fault trees deductively model the combination of system failures and human errors that could lead to an accident. Success trees are the complement of fault trees and model the combination of events that lead to success. Attack trees model the sequential actions of an intelligent adversary to defeat a defensive system. Event trees inductively model the sequences of events that lead to an accident. Probability trees model a sequence of uncertain events in order to calculate the probability of events in the outcome space. Decision trees are logic trees that include sequential decisions in addition to sequential uncertain events. Examples are provided in this article to illustrate the similarities and differences among the types of logic trees. We conclude with challenges for applying logic trees to homeland security applications.
Identifying and understanding security risks for information system design or evaluation is very challenging. Making decisions about accepting or mitigating these risks through a rational, traceable, and understandable process is even harder. Quantitative risk analysis techniques can help stakeholders understand and communicate risk‐informed design decisions even when the stakeholders have conflicting objectives. Quantitative risk analysis also helps stakeholders understand security, cost, and functionality trade‐off decisions in repeatable process. This paper discusses the roles of stakeholders in risk analysis, the advantages and disadvantages of quantitative risk analysis, basic cyber risk decision support concepts and processes, and the mathematical definitions of risk for information systems. This paper recommends the use of properly constructed quantitative risk analysis models and discourages the use of semiquantitative risk analysis models.
Identifying and understanding security risks for information system design or evaluation is very challenging. Making decisions about accepting or mitigating these risks through a rational, traceable, and understandable process is even harder. Quantitative risk analysis techniques can help stakeholders understand and communicate risk‐informed design decisions even when the stakeholders have conflicting objectives. Quantitative risk analysis also helps stakeholders understand security, cost, and functionality trade‐off decisions in repeatable process. This paper discusses the roles of stakeholders in risk analysis, the advantages and disadvantages of quantitative risk analysis, basic cyber risk decision support concepts and processes, and the mathematical definitions of risk for information systems. This paper recommends the use of properly constructed quantitative risk analysis models and discourages the use of semiquantitative risk analysis models.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.