Risk Engineering and Blockchain: Anticipating and Mitigating Risks

Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 339)


Complex systems require an integrated approach to risks. In this paper, we describe risk engineering, a methodology to incorporate risks at the planning and design stage for complex systems, and introduce some of its components. We examine, at a high level, how risk engineering can help improve the risk picture for blockchain technologies and their applications and outline challenges and benefits of this approach.


  • Risk engineering
  • Blockchain
  • Ontology
  • Reasoning
  • Integrated risk analysis

  • DOI: 10.1007/978-3-030-04849-5_34
  • Chapter length: 12 pages




Corresponding author

Correspondence to Michael Huth.


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Huth, M., Vishik, C., Masucci, R. (2019). Risk Engineering and Blockchain: Anticipating and Mitigating Risks. In: Abramowicz, W., Paschke, A. (eds) Business Information Systems Workshops. BIS 2018. Lecture Notes in Business Information Processing, vol 339. Springer, Cham.


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04848-8

  • Online ISBN: 978-3-030-04849-5

  • eBook Packages: Computer Science, Computer Science (R0)