Abstract
The protection and security of critical infrastructures are important parts of Homeland Defense. Adequate means for analyzing the security risks of such infrastructures is a prerequisite for properly understanding the security needs and for maintaining appropriate incident preparedness. Risk management is coordinated activities to direct and control an organization with regard to risk, and includes the identification, analysis and mitigation of unacceptable risks. For critical infrastructures consisting of interdependent systems, risk analysis and mitigation is challenging because the overall risk picture may be strongly affected by changes in only a few of the systems. In order to continuously manage risks and maintain an adequate level of protection, there is a need to continuously maintain the validity of risk models while systems change and evolve. This paper addresses these challenges by presenting an approach to model-driven security risk analysis of changing and evolving systems. The approach is a tool-supported method with techniques and modeling support for traceability of system changes to risk models, as well as the explicit modeling of the impact of changes on the current risk picture. The presented artifacts are exemplified and validated in the domain of air traffic management.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Journal of Ambient Intelligence and Humanized Computing
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.