Divide and Conquer - Towards a Notion of Risk Model Encapsulation

The criticality of risk management is evident when considering the information society of today, and the emergence of Future Internet technologies such as Cloud services. Information systems and services become ever more complex, heterogeneous, dynamic and interoperable, and many different stakeholders increasingly rely on their availability and protection. Managing risks in such a setting is extremely challenging, and existing methods and techniques are often inadequate. A main difficulty is that the overall risk picture becomes too complex to understand without methodic and systematic techniques for how to decompose a large scale risk analysis into smaller parts. In this chapter we introduce a notion of risk model encapsulation to address this challenge. Encapsulation facilitates compositional risk analysis by hiding internal details of a risk model. This is achieved by defining a risk model interface that contains all and only the information that is needed for composing the individual risk models to derive the overall risk picture. The interface takes into account possible dependencies between the risk models. We outline a method for compositional risk analysis, and demonstrate the approach by using an example on information security from the petroleum industry.

[1]  Ketil Stølen,et al.  A Denotational Model for Component-Based Risk Analysis , 2011, FACS.

[2]  G. Stoneburner,et al.  Risk Management Guide for Information Technology Systems: Recommendations of the National Institute of Standards and Technology , 2002 .

[3]  Ketil Stølen,et al.  An Approach to Select Cost-Effective Risk Countermeasures Exemplified in CORAS , 2013, DBSec.

[4]  日本規格協会 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .

[5]  Kim G. Larsen,et al.  A modal specification theory for components with data , 2011, Sci. Comput. Program..

[6]  Johannes Viehmann Reusing Risk Analysis Results -- An Extension for the CORAS Risk Analysis Method , 2012, 2012 International Conference on Privacy, Security, Risk and Trust and 2012 International Confernece on Social Computing.

[7]  Ketil Stølen,et al.  Model-Driven Risk Analysis - The CORAS Approach , 2010 .

[8]  Peter Liggesmeyer,et al.  A New Component Concept for Fault Trees , 2003, SCS.

[9]  David Clark,et al.  Safety and Security Analysis of Object-Oriented Models , 2002, SAFECOMP.

[10]  Holger Giese,et al.  Compositional Hazard Analysis of UML Component and Deployment Models , 2004, SAFECOMP.

[11]  Anne Marsden,et al.  International Organization for Standardization , 2014 .

[12]  Ketil Stølen,et al.  Modular analysis and modelling of risk scenarios with dependencies , 2010, J. Syst. Softw..

[13]  W-P de Roever,et al.  The quest for compositionality - a survey of assertion - based proof systems for concurrent programs. Part 1 ; concurrency based on shared variables , 1985 .

[14]  Ketil Stølen,et al.  Evolution in Relation to Risk and Trust Management , 2010, Computer.

[15]  Ketil Stølen,et al.  Using Model-Driven Risk Analysis in Component-Based Development , 2010 .

[16]  Holger Giese,et al.  Component-Based Hazard Analysis: Optimal Designs, Product Lines, and Online-Reconfiguration , 2006, SAFECOMP.

[17]  Gary McGraw,et al.  Risk Analysis in Software Design , 2004, IEEE Secur. Priv..

[18]  Gary Stoneburner,et al.  SP 800-30. Risk Management Guide for Information Technology Systems , 2002 .

[19]  Gerd Gigerenzer,et al.  Calculated Risks: How to Know When Numbers Deceive You , 2002 .