Risk Analysis of Changing and Evolving Systems Using CORAS

Lund, Mass Soldal; Solhaug, Bjørnar; Stølen, Ketil

doi:10.1007/978-3-642-23082-0_9

Cited by 28 publications

(16 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ISRA methods are often comprehensive and comparing tasks at a sufficient level of detail is challenging. There exist multiple frameworks for comparing ISRM/RA methods [2,9,[23][24][25][26][27]; however, these are primarily scoped to compare method content to a predetermined set of criteria. In these frameworks, evaluation proceeds from the predetermined criteria at the top to methods at the bottom.…”

Section: Framework Developmentmentioning

confidence: 99%

“…The former ENISA comparison [23] is a high-level comparison of methods, based on four predefined categories for ISRM and ISRA, eight in total. While similarly, Syalim et al [27] have published a comparative analysis that applies four predefined generic steps of the ISRA process for comparison. Both these studies compare a set of ISRA methods within a predefined set of criteria.…”

Section: Relationship To Other Literaturementioning

confidence: 99%

See 1 more Smart Citation

A framework for estimating information security risk assessment method completeness

Wangen¹,

Hallstensen²,

Snekkenes³

2017

Int. J. Inf. Secur.

View full text Add to dashboard Cite

In general, an information security risk assessment (ISRA) method produces risk estimates, where risk is the product of the probability of occurrence of an event and the associated consequences for the given organization. ISRA practices vary among industries and disciplines, resulting in various approaches and methods for risk assessments. There exist several methods for comparing ISRA methods, but these are scoped to compare the content of the methods to a predefined set of criteria, rather than process tasks to be carried out and the issues the method is designed to address. It is the lack of an all-inclusive and comprehensive comparison that motivates this work. This paper proposes the Core Unified Risk Framework (CURF) as an all-inclusive approach to compare different methods, all-inclusive since we grew CURF organically by adding new issues and tasks from each reviewed method. If a task or issue was present in surveyed ISRA method, but not in CURF, it was appended to the model, thus obtaining a measure of completeness for the studied methods. The scope of this work is primarily functional approaches risk assessment procedures, which are the formal ISRA methods that focus on assessments of assets, threats, vulnerabilities, and protections, often with measures of probability and consequence. The proposed approach allowed for Digital Security Section, NTNU, Teknologiveien 22, 2815 Gjøvik, Norway a detailed qualitative comparison of processes and activities in each method and provided a measure of completeness. This study does not address aspects beyond risk identification, estimation, and evaluation; considering the total of all three activities, we found the "ISO/IEC 27005 Information Security Risk Management" to be the most complete approach at present. For risk estimation only, we found the Factor Analysis of Information Risk and ISO/IEC 27005:2011 as the most complete frameworks. In addition, this study discovers and analyzes several gaps in the surveyed methods.

show abstract

Section: Framework Developmentmentioning

confidence: 99%

Section: Relationship To Other Literaturementioning

confidence: 99%

A framework for estimating information security risk assessment method completeness

Wangen¹,

Hallstensen²,

Snekkenes³

2017

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…For instance, TROPOS provides a goal-risk framework for the analysis of risk and necessary countermeasures [11], [12], while the CORAS approach to model-driven risk analysis encompasses techniques and guidelines for the treatment of risk in changing systems where system and environment evolve dynamically [13]. However, typically opportunities are not taken into account, especially in the field of access control.…”

Section: Related Workmentioning

confidence: 99%

Formal Modeling and Verification of Opportunity-enabled Risk Management

Aldini

Seigneur

Lafuente

et al. 2015

2015 IEEE Trustcom/BigDataSE/Ispa

View full text Add to dashboard Cite

Abstract-With the advent of the Bring-Your-Own-Device (BYOD) trend, mobile work is achieving a widespread diffusion that challenges the traditional view of security standard and risk management. A recently proposed model, called opportunity-enabled risk management (OPPRIM), aims at balancing the analysis of the major threats that arise in the BYOD setting with the analysis of the potential increased opportunities emerging in such an environment, by combining mechanisms of risk estimation with trust and threat metrics. Firstly, this paper provides a logic-based formalization of the policy and metric specification paradigm of OPPRIM. Secondly, we verify the OPPRIM model with respect to the socio-economic perspective. More precisely, this is validated formally by employing toolsupported quantitative model checking techniques.

show abstract

“…The method advances the state of the art with regards to other publications in the domain, e.g., [4], [5], [6], as it offers the possibility to relate system threats to system assumptions. This allows the rapid investigation of system design alternatives or identification of the most feared attackers (malicious actors) and threats, even when assumptions on attackers or threats change.…”

Section: Introductionmentioning

confidence: 99%

Threat Navigator: Grouping and Ranking Malicious External Threats to Current and Future Urban Smart Grids

Vasenev

Montoya

Ceccarelli

et al. 2016

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Abstract.Deriving value judgements about threat rankings for large and entangled systems, such as those of urban smart grids, is a challenging task. Suitable approaches should account for multiple threat events posed by different classes of attackers who target system components. Given the complexity of the task, a suitable level of guidance for ranking more relevant and filtering out the less relevant threats is desirable. This requires a method able to distil the list of all possible threat events in a traceable and repeatable manner, given a set of assumptions about the attackers. The Threat Navigator proposed in this paper tackles this issue. Attacker profiles are described in terms of Focus (linked to Actor-to-Asset relations) and Capabilities (Threat-toThreat dependencies). The method is demonstrated on a sample urban Smart Grid. The ranked list of threat events obtained is useful for a risk analysis that ultimately aims at finding cost-effective mitigation strategies.

show abstract

Risk Analysis of Changing and Evolving Systems Using CORAS

Cited by 28 publications

References 11 publications

A framework for estimating information security risk assessment method completeness

A framework for estimating information security risk assessment method completeness

Formal Modeling and Verification of Opportunity-enabled Risk Management

Threat Navigator: Grouping and Ranking Malicious External Threats to Current and Future Urban Smart Grids

Contact Info

Product

Resources

About