Model-based security analysis in seven steps — a guided tour to the CORAS method

Abstract: This paper presents the CORAS method for model-based security analysis. The presentation is case-driven. We follow two analysts in their interaction with an organisation by which they have been hired to carry out a security risk analysis. The analysis is divided into seven main steps, and the paper devotes a separate section to each of them. The paper focuses in particular on the use of the CORAS security risk modelling language as a means for communication and interaction during the seven steps.

“…It is based on ISO 15408:2007 [89][90][91] and consists of four main components: Figure 2.1: Sub-processes of CORAS risk management process [14] (1) a risk documentation framework based on RM-ODP [69]; (2) a risk management process based on the AS/NZS 4360:2004 [97]; (3) an integrated risk management and system development process based on the Unified Process [28] and (4) a platform for tool inclusion based on data-integration using XML.…”

“…During these HazOp sessions, to motivate the attendees to structured thinking, the risk [14] To/From HazOp FTA HazOp…”

“…When applied together they can be applied as input/output to each other, as documented by Table 2.1 [14].…”

“…Another proposal is that of Braber et al [14], who developed the CORAS framework to produce an improved method for precise, unambiguous, and efficient risk analysis of security-critical systems. CORAS focuses on the tight integration of viewpoint-oriented visual modelling in the RA process, using a UML-based approach in the context of security and RA.…”

“…For this reason, the European Telecommunications Standards Institute (ETSI) developed a threat, vulnerability, risk analysis (eTVRA) method to support telecommunication companies in the Common Criteria (CC) evaluation. eTVRA builds on the risk management component of the CORAS framework [14] and is structured to provide output that can be directly used for the security evaluation. Thus, it aims a more cost-efficient CC evaluation process.…”

IT architecture-based confidentiality risk assessment in networks of organizations

“…It is based on ISO 15408:2007 [89][90][91] and consists of four main components: Figure 2.1: Sub-processes of CORAS risk management process [14] (1) a risk documentation framework based on RM-ODP [69]; (2) a risk management process based on the AS/NZS 4360:2004 [97]; (3) an integrated risk management and system development process based on the Unified Process [28] and (4) a platform for tool inclusion based on data-integration using XML.…”

“…During these HazOp sessions, to motivate the attendees to structured thinking, the risk [14] To/From HazOp FTA HazOp…”

“…When applied together they can be applied as input/output to each other, as documented by Table 2.1 [14].…”

“…Another proposal is that of Braber et al [14], who developed the CORAS framework to produce an improved method for precise, unambiguous, and efficient risk analysis of security-critical systems. CORAS focuses on the tight integration of viewpoint-oriented visual modelling in the RA process, using a UML-based approach in the context of security and RA.…”

“…For this reason, the European Telecommunications Standards Institute (ETSI) developed a threat, vulnerability, risk analysis (eTVRA) method to support telecommunication companies in the Common Criteria (CC) evaluation. eTVRA builds on the risk management component of the CORAS framework [14] and is structured to provide output that can be directly used for the security evaluation. Thus, it aims a more cost-efficient CC evaluation process.…”

IT architecture-based confidentiality risk assessment in networks of organizations

Bibliography

Perceived Threat Modeling for Cyber‐Physical Systems