Abstract

The protection and security of critical infrastructures are important parts of Homeland Defense. Adequate means for analyzing the security risks of such infrastructures is a prerequisite for properly understanding the security needs and for maintaining appropriate incident preparedness. Risk management is coordinated activities to direct and control an organization with regard to risk, and includes the identification, analysis and mitigation of unacceptable risks. For critical infrastructures consisting of interdependent systems, risk analysis and mitigation is challenging because the overall risk picture may be strongly affected by changes in only a few of the systems. In order to continuously manage risks and maintain an adequate level of protection, there is a need to continuously maintain the validity of risk models while systems change and evolve. This paper addresses these challenges by presenting an approach to model-driven security risk analysis of changing and evolving systems. The approach is a tool-supported method with techniques and modeling support for traceability of system changes to risk models, as well as the explicit modeling of the impact of changes on the current risk picture. The presented artifacts are exemplified and validated in the domain of air traffic management.


Original document

The different versions of the original document can be found in:

http://link.springer.com/article/10.1007/s12652-013-0179-6/fulltext.html,
http://link.springer.com/content/pdf/10.1007/s12652-013-0179-6,
http://dx.doi.org/10.1007/s12652-013-0179-6 under the license http://www.springer.com/tdm
https://dblp.uni-trier.de/db/journals/jaihc/jaihc5.html#SolhaugS14,
http://doi.org/10.1007/s12652-013-0179-6,
https://doi.org/10.1007/s12652-013-0179-6,
https://dx.doi.org/10.1007/s12652-013-0179-6,
http://dx.doi.org/10.1007/s12652-013-0179-6,
https://rd.springer.com/article/10.1007/s12652-013-0179-6,
https://academic.microsoft.com/#/detail/2019637006
Back to Top

Document information

Published on 01/01/2013

Volume 2013, 2013
DOI: 10.1007/s12652-013-0179-6
Licence: Other

Document Score

0

Views 1
Recommendations 0

Share this document

Keywords

claim authorship

Are you one of the authors of this document?