Abstract:This paper introduces a new web-based decision support tool calledSmart-Swaps to support multicriteria decision analysis. The decision maker's preferences are elicited with the even swaps method, which is an elimination process based on value trade-offs. The software provides a platform for carrying out the elimination process and implements a preference programming model to give suggestions to the decision maker on how to proceed with the process. Such decision support can provide substantial help to the deci… Show more
“…When several requirements and risks are considered, determining the right swaps to make among numerous possibilities is hard for human decision makers [8], and thus non-expert users may not know which goals to swap next, and the process can become tedious without creating a dominated alternative.…”
Section: B Discussion: Even Swaps In Practicementioning
confidence: 99%
“…Swaps aim to either make criteria irrelevant, in the sense that both alternatives have equal consequences on the criteria, or create a dominant alternative. Alternative A dominates alternative B, if A is better than (or equal to) B on every criteria [8]. Irrelevant goals and dominated alternatives can both be eliminated, and the process continues until only the most preferred alternative remains [8].…”
Section: A Basics Of the Even Swaps Decision Analysismentioning
Abstract-Security risk assessment in the requirements phase is challenging because probability and damage of attacks are not always numerically measurable or available in the early phases of development. Selecting proper security solutions is also problematic because mitigating impacts and side-effects of solutions are not often quantifiable either. In the early development phases, analysts need to assess risks in the absence of numerical measures or deal with a mixture of quantitative and qualitative data. We propose a risk analysis process which intertwines security requirements engineering with a vulnerability-centric and qualitative risk analysis method. The proposed method is qualitative and vulnerability-centric, in the sense that by identifying and analyzing common vulnerabilities the probability and damage of risks are evaluated qualitatively. We also propose an algorithmic decision analysis method that considers risk factors and alternative security solutions, and helps analysts select the most cost-effective solution. The decision analysis method enables making a decision when some of the available data is qualitative.
I. INTRODUCTIONAbsolute security is impossible. Security is more a cat and mouse game between the defenders and attackers [?]; hence, it is ultimately about mitigating the damage of attacks or increasing the effort and time required for successful exploitations. Requirements analysts and project leaders need to have an objective measure of security risks to select good-enough security countermeasures. They also need to understand consequences of different alternative countermeasures on the probability and potential damage of attacks to decide over alternatives.The concept of risk: The risk (r) of a security attack is described by the level of damage (d) that the successful attack poses to the system and the probability (p) that the attack occurs: r = p×d [?]. A security solution may mitigate the damage to a lower level (d ) or reduce the probability of an attack to a lower chance (p ), so the risk is reduced to r = p ×d . If the damage is expressed in terms of financial costs, then the risk represents the financial damage of the attack. In this way, managers can easily decide whether to apply a security solution, by examining if the solution's cost (c) is lower than the financial damage that they can save (c < r − r ). When managers need to decide over a set of alternative solutions, they can select a solution which minimizes the costs while mitigating the risks (min(c + r − r)).Risk assessment challenges: In an ideal situation, security risks are known, their damage is measurable in terms of
“…When several requirements and risks are considered, determining the right swaps to make among numerous possibilities is hard for human decision makers [8], and thus non-expert users may not know which goals to swap next, and the process can become tedious without creating a dominated alternative.…”
Section: B Discussion: Even Swaps In Practicementioning
confidence: 99%
“…Swaps aim to either make criteria irrelevant, in the sense that both alternatives have equal consequences on the criteria, or create a dominant alternative. Alternative A dominates alternative B, if A is better than (or equal to) B on every criteria [8]. Irrelevant goals and dominated alternatives can both be eliminated, and the process continues until only the most preferred alternative remains [8].…”
Section: A Basics Of the Even Swaps Decision Analysismentioning
Abstract-Security risk assessment in the requirements phase is challenging because probability and damage of attacks are not always numerically measurable or available in the early phases of development. Selecting proper security solutions is also problematic because mitigating impacts and side-effects of solutions are not often quantifiable either. In the early development phases, analysts need to assess risks in the absence of numerical measures or deal with a mixture of quantitative and qualitative data. We propose a risk analysis process which intertwines security requirements engineering with a vulnerability-centric and qualitative risk analysis method. The proposed method is qualitative and vulnerability-centric, in the sense that by identifying and analyzing common vulnerabilities the probability and damage of risks are evaluated qualitatively. We also propose an algorithmic decision analysis method that considers risk factors and alternative security solutions, and helps analysts select the most cost-effective solution. The decision analysis method enables making a decision when some of the available data is qualitative.
I. INTRODUCTIONAbsolute security is impossible. Security is more a cat and mouse game between the defenders and attackers [?]; hence, it is ultimately about mitigating the damage of attacks or increasing the effort and time required for successful exploitations. Requirements analysts and project leaders need to have an objective measure of security risks to select good-enough security countermeasures. They also need to understand consequences of different alternative countermeasures on the probability and potential damage of attacks to decide over alternatives.The concept of risk: The risk (r) of a security attack is described by the level of damage (d) that the successful attack poses to the system and the probability (p) that the attack occurs: r = p×d [?]. A security solution may mitigate the damage to a lower level (d ) or reduce the probability of an attack to a lower chance (p ), so the risk is reduced to r = p ×d . If the damage is expressed in terms of financial costs, then the risk represents the financial damage of the attack. In this way, managers can easily decide whether to apply a security solution, by examining if the solution's cost (c) is lower than the financial damage that they can save (c < r − r ). When managers need to decide over a set of alternative solutions, they can select a solution which minimizes the costs while mitigating the risks (min(c + r − r)).Risk assessment challenges: In an ideal situation, security risks are known, their damage is measurable in terms of
“…We can also note that [MH07,MH05] propose to enrich the original even swaps method in a way that accounts for incomplete knowledge about the value function. They consider a "practical dominance" notion when the value of an alternative is at least as high as the value of another one with every feasible combination of parameters, this perspective being very close to the one developed in [GMS08] (see next section).…”
Multicriteria decision analysis aims at supporting a person facing a decision problem involving conflicting criteria. We consider an additive utility model which provides robust conclusions based on preferences elicited from the decision maker. The recommendations based on these robust conclusions are even more convincing if they are complemented by explanations. We propose a general scheme, based on sequence of preference swaps, in which explanations can be computed. We show first that the length of explanations can be unbounded in the general case. However, in the case of binary reference scales, this length is bounded and we provide an algorithm to compute the corresponding explanation.
Current models of healthcare quality recommend that patient management decisions be evidence-based and patient-centered. Evidence-based decisions require a thorough understanding of current information regarding the natural history of disease and the anticipated outcomes of different management options. Patient-centered decisions incorporate patient preferences, values, and unique personal circumstances into the decision making process and actively involve both patients along with health care providers as much as possible. Fundamentally, therefore, evidence-based, patient-centered decisions are multi-dimensional and typically involve multiple decision makers.
Advances in the decision sciences have led to the development of a number of multiple criteria decision making methods. These multi-criteria methods are designed to help people make better choices when faced with complex decisions involving several dimensions. They are especially helpful when there is a need to combine “hard data” with subjective preferences, to make trade-offs between desired outcomes, and to involve multiple decision makers. Evidence-based, patient-centered clinical decision making has all of these characteristics. This close match suggests that clinical decision support systems based on multi-criteria decision making techniques have the potential to enable patients and providers to carry out the tasks required to implement evidence-based, patient-centered care effectively and efficiently in clinical settings.
The goal of this paper is to give readers a general introduction to the range of multi-criteria methods available and show how they could be used to support clinical decision-making. Methods discussed include the balance sheet, the even swap method, ordinal ranking methods, direct weighting methods, multi-attribute decision analysis, and the analytic hierarchy process (AHP)
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.