Abstract
Complex systems require an integrated approach to risks. In this paper, we describe risk engineering, a methodology to incorporate risks at the planning and design stage for complex systems, and introduce some of its components. We examine, at a high level, how risk engineering can help improve the risk picture for blockchain technologies and their applications and outline challenges and benefits of this approach.
Keywords
- Risk engineering
- Blockchain
- Ontology
- Reasoning
- Integrated risk analysis
Notes
1. Blockchain and distributed ledger technologies, https://www.iso.org/committee/6266604.html.
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Huth, M., Vishik, C., Masucci, R. (2019). Risk Engineering and Blockchain: Anticipating and Mitigating Risks. In: Abramowicz, W., Paschke, A. (eds) Business Information Systems Workshops. BIS 2018. Lecture Notes in Business Information Processing, vol 339. Springer, Cham. https://doi.org/10.1007/978-3-030-04849-5_34
DOI: https://doi.org/10.1007/978-3-030-04849-5_34
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04848-8
Online ISBN: 978-3-030-04849-5
eBook Packages: Computer Science, Computer Science (R0)