From Trust to Dependability through Risk Analysis

The importance of critical systems has been widely recognized, and several efforts are devoted to integrating dependability requirements into their development process. These efforts have produced a number of models, frameworks, and methodologies for modeling and assessing the dependability of critical systems. Among them, risk analysis evaluates the risk affecting a system in terms of the likelihood and severity of failures. In our previous work, we introduced the Tropos goal-risk framework, a formal framework for modeling, assessing, and treating risks on the basis of the likelihood and severity of failures. In this paper, we refine this framework by introducing the notion of trust, so that risks can be assessed on the basis of the organizational setting of the system. The assessment process is also extended to analyze risks along the trust relations among actors. To make the discussion concrete, we illustrate the framework with a case study on partial airspace delegation in an air traffic management system.