To main content

Beyond Traceability: Compared Approaches to Consistent Security Risk Assessments

Abstract

As military and civil software-intensive infor-
mation systems grow and become more and more complex,
structured approaches, called architecture frameworks (AF),
were developed to support their engineering. The concepts
of these approaches were standardised under ISO/IEC
42010 – Systems and Software Engineering – Architecture
Description. An Architecture Description is composed of
Views, where each View addresses one or more engineering
concerns. As mentioned in the standard, a multi-viewpoint
approach requires the capacity to capture the different views,
and maintain their mutual consistency. This paper addresses
primarily the problem of integrating a model-based security
risk assessment view to the mainstream system engineering
view(s) and, to a lesser extent, the problem of maintaining
the overall consistency of the views. Both business stakes
and technical means are studied. We present two specific
approaches, namely CORAS and Rinforzando. Both come
with techniques and tool support to facilitate security risk
assessment of complex and evolving critical infrastructures,
such as ATM systems. The former approach offers static
import/export relationships between artefacts, whereas the
latter offers dynamic relationships. The pros and cons of
each technical approach are discussed.

Category

Academic chapter/article/Conference paper

Client

  • EU / NESSOS (256980)
  • EU / NESSoS (256980)
  • EU / SecureChange (231101)
  • EU / SECURECHANGE (231101)

Language

English

Author(s)

  • Franco Bergomi
  • Stéphane Paul
  • Bjørnar Solhaug
  • Raphael Vignon-Davillier

Affiliation

  • Thalesgroup
  • SINTEF Digital / Software and Service Innovation

Year

2013

Publisher

IEEE

Book

2013 Eighth International Conference on Availability, Reliability and Security (ARES), Regensburg, 2-6 September 2013

ISBN

978-0-7695-5008-4

Page(s)

814 - 820

View this publication at Cristin