Making Enterprise Information Systems Resilient Against Disruptive Events: A Conceptual View

Conference paper
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 391)


Enterprise Information Systems (EIS) are designed to deal with normal variability in their inputs and data. Empowered by CONTEXT-AWARENESS, some EIS even count on sensors and/or data analytics for capturing changes outside of the system. Nevertheless, context-awareness would often fail when EIS are affected by (large-scale) disruptive events, such as disasters, virus outbreaks, or military conflicts. Hence, in the current paper, we take a step forward, by considering context-awareness for disruptive events. We combine context-awareness with risk management techniques, such as FMECA and FTA, that are useful for defining and mitigating risk events. To avoid having to define the likelihood for such very-low-probability disruptive risks, we use CONSEQUENCE-BASED RISK MANAGEMENT rather than traditional risk management. We augment this approach with the context-awareness paradigm, delivering a contribution that is two-fold: (i) We propose context-awareness-related measures and consequence-based-risk-management-related measures, to address disruptive events; (ii) We reflect this in a method featuring the application of context-awareness and risk management for designing robust and resilient EIS.


Enterprise information system Resilience Context-awareness Risk management 


  1. 1.
    Snoeck, M.: Enterprise Information Systems Engineering, the MERODE Approach. Springer, Cham (2014). Scholar
  2. 2.
    Shishkov, B.: Designing Enterprise Information Systems, Merging Enterprise Modeling and Software Specification. Springer, Cham (2020). Scholar
  3. 3.
    Shishkov, B., van Sinderen, M., Verbraeck, A.: Towards flexible inter-enterprise collaboration: a supply chain perspective. In: Filipe, J., Cordeiro, J. (eds.) ICEIS 2009. LNBIP, vol. 24, pp. 513–527. Springer, Heidelberg (2009). Scholar
  4. 4.
    Shishkov, B., Larsen, J.B., Warnier, M., Janssen, M.: Three categories of context-aware systems. In: Shishkov, B. (ed.) BMSD 2018. LNBIP, vol. 319, pp. 185–202. Springer, Cham (2018). Scholar
  5. 5.
    Wegdam, M.: AWARENESS: a project on context AWARE mobile NEtworks and ServiceS. In: Proceedings of 14th Mobile and Wireless Communications Summit. EURASIP (2005)Google Scholar
  6. 6.
    Kopják, J., Sebestyén, G.: Comparison of data collecting methods in wireless mesh sensor networks. In: IEEE 16th World Symposium on Applied Machine Intelligence and Informatics (SAMI), Kosice and Her-lany, Slovakia (2018)Google Scholar
  7. 7.
    Han, J., Kamber, M., Pei, J.: Data Mining: Concepts and Techniques, 3rd edn. Morgan Kaufmann Publ. Inc., San Francisco (2011)zbMATHGoogle Scholar
  8. 8.
    Reuters: Italian PM Orders Businesses to Close All Operations. In: The Guardian - International Edition, London (2020)Google Scholar
  9. 9.
    Takizawa, K.: Resilience of communities affected by the great east japan earthquake and restoration of their local festivals. In: Bouterey, S., Marceau, L. (eds.) Crisis and Disaster in Japan and New Zealand. Palgrave Macmillan, Singapore (2019)Google Scholar
  10. 10.
    Shibata, Y.: Writing Shanghai, the atomic bomb, and incest: homelessness and stigmatized womanhood of Hayashi Kyōko. In: Bouterey, S., Marceau, L. (eds.) Crisis and Disaster in Japan and New Zealand. Palgrave Macmillan, Singapore (2019)Google Scholar
  11. 11.
    Alférez, G.H., Pelechano, V.: Context-aware autonomous web services in software product lines. In: Proceedings of 15th International SPLC Conference. IEEE, CA, USA (2011)Google Scholar
  12. 12.
    Dey, A.K., Abowd, G.D., Salber, D.: A conceptual framework and a toolkit for supporting the rapid prototyping of context-aware applications. Hum.-Comput. Interact. 16(2), 97–166 (2001)CrossRefGoogle Scholar
  13. 13.
    Dey, A.K., Newberger, A.: Support for context-aware intelligibility and control. In: Proceedings of SIGCHI Conference on Human Factors in Computing Systems. ACM, USA (2009)Google Scholar
  14. 14.
    Papadimitriou G.: Future Internet: The Cross-ETP (2011). Accessed December 2011
  15. 15.
    Choraś, M., Kozik, R.: Machine learning techniques applied to detect cyber attacks on web applications. Log. J. IGPL 23(1), 45–56 (2015)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Hopkins, P.: Fundamentals of Risk Management - Understanding, Evaluating, and Implementing Effective Risk Management. IRM (2012)Google Scholar
  17. 17.
    La Rosa, M., Van Der Aalst, W.M.P., Dumas, M., Milani, F.P.: Business process variability modeling: a survey. ACM Comput. Surv. 50(1), Article 2 (2017)Google Scholar
  18. 18.
    Dietz, J.L.G.: Enterprise Ontology, Theory and Methodology. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Abeywickrama, D.B.: Context-aware services engineering for service-oriented architectures. In: Bouguettaya, A., Sheng, Q., Daniel, F. (eds.) Web Services Foundations. Springer, New York (2014). Scholar
  20. 20.
    Friedman, B., Hendry, D.G., Borning, A.: A survey of salue sensitive design methods. In: A Survey of Value Sensitive Design Methods, vol. 1. Now Foundations and Trends (2017)Google Scholar
  21. 21.
    Van den Hoven, J.: Value sensitive design and responsible innovation. In: Owen, R., Bessant, J., Heintz, M. (eds.) Responsible Innovation: Managing the Responsible Emergence of Science and Innovation in Society. Wiley, Hoboken (2013)Google Scholar
  22. 22.
    Shishkov, B.: Tuning the Behavior of context-aware applications. In: Shishkov, B. (ed.) BMSD 2019. LNBIP, vol. 356, pp. 134–152. Springer, Cham (2019). Scholar
  23. 23.
    Shishkov, B., van Sinderen, M.: From user context states to context-aware applications. In: Filipe, J., Cordeiro, J., Cardoso, J. (eds.) ICEIS 2007. LNBIP, vol. 12, pp. 225–239. Springer, Heidelberg (2008). Scholar
  24. 24.
    Bunge, M.A.: Treatise on Basic Philosophy. A World of Systems, vol. 4. D. Reidel Publishing Company, Dordrecht (1979)zbMATHCrossRefGoogle Scholar
  25. 25.
    Shishkov, B., Mendling, J.: Business process variability and public values. In: Shishkov, B. (ed.) BMSD 2018. LNBIP, vol. 319, pp. 401–411. Springer, Cham (2018). Scholar
  26. 26.
    Bosems, S., van Sinderen, M.: Models in the design of context-aware well-being applications. In: Meersman, R., et al. (eds.) OTM 2014. LNCS, vol. 8842, pp. 37–42. Springer, Heidelberg (2014). Scholar
  27. 27.
    Cano, J., Delaval, G., Rutten, E.: Coordination of ECA rules by verification and control. In: Kühn, E., Pugliese, R. (eds.) COORDINATION 2014. LNCS, vol. 8459, pp. 33–48. Springer, Heidelberg (2014). Scholar
  28. 28.
    Alegre, U., Augusto, J.C., Clark, T.: Engineering context-aware systems and applications. J. Syst. Softw. 117(1), 55–83 (2016)CrossRefGoogle Scholar
  29. 29.
    Abeywickrama, D.B., Ramakrishnan, S.: Context-aware services engineering: models, transformations, and verification. ACM Trans. Internet Technol. J. 11(3), Article 1 (2012)Google Scholar
  30. 30.
    UML: The website of the Unified Modeling Language (2020).
  31. 31.
    Shishkov, B., Janssen, M.: Enforcing context-awareness and privacy-by-design in the specification of information systems. In: Shishkov, B. (ed.) BMSD 2017. LNBIP, vol. 309, pp. 87–111. Springer, Cham (2018). Scholar
  32. 32.
    González-Rojas, O., Ochoa-Venegas, L.: A decision model and system for planning and adapting the configuration of enterprise information systems. Comput. Ind. 92–93, 161–177 (2017)CrossRefGoogle Scholar
  33. 33.
    Scott, J.E., Vessey, I.: Managing risks in enterprise systems implementations. Commun. ACM 45(4), 74–81 (2002)CrossRefGoogle Scholar
  34. 34.
    Broad, J.: Risk Management Framework. A Lab-Based Approach to Securing Information Systems. Elsevier, Amsterdam (2013)Google Scholar
  35. 35.
    NIST: NIST Special Publication (SP) 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. NIST, December 2018.
  36. 36.
    O’Donnel, E.: Enterprise risk management: a systems-thinking framework for the event identification phase. Int. J. Acc. Inf. Syst. 6, 177–195 (2005)CrossRefGoogle Scholar
  37. 37.
    COSO: Enterprise Risk Management - Integrating with Strategy and Performance. Committee of Sponsoring Organization of the Treadway Committee (COSO) (2017)Google Scholar
  38. 38.
    ISO: ISO 31000 - Risk Management. International Organization for Standardization (ISO), Geneva (2018)Google Scholar
  39. 39.
    Blanchard, B.S., Fabrycky, W.J.: Systems Engineering and Analysis, 4th edn. Prentice-Hall, Upper Saddle River (2006)Google Scholar
  40. 40.
    NASA: NASA SP-2016-6105 Rev2: NASA Systems Engineering Handbook. NASA (2016).
  41. 41.
    NASA: NASA/SP-2011-3422: NASA Risk Management Handbook (2011).
  42. 42.
    Taleb, N.N.: The Black Swan - The Impact of the Highly Improbable, 2nd edn. Random House, New York (2010)Google Scholar
  43. 43.
    Haimes, Y.Y.: Chapter 3: risk management. In: Sage, A.P., Rouse, W.B. (eds.) Handbook of Systems Engineering and Management, 2nd edn, pp. 155–204. Wiley, Hoboken (2009)Google Scholar
  44. 44.
    Hillson, D., Simon, P.: Practical Project Risk Management: The ATOM Methodology, 2nd edn. Management Concepts Press, Tysons Corner (2012)Google Scholar
  45. 45.
    Underwood, S.: Blockchain Beyond Bitcoin. Commun. ACM 59, 15–17 (2016)CrossRefGoogle Scholar
  46. 46.
    Borissova, D., Cvetkova, P., Garvanov, I., Garvanova, M.: A framework of business intelligence system for decision making in efficiency management. In: Saeed, K., Dvorský, J. (eds.) CISIM 2020. LNCS, vol. 12133, pp. 111–121. Springer, Cham (2020). Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Faculty of Information SciencesUniversity of Library Studies and Information TechnologiesSofiaBulgaria
  2. 2.Institute of Mathematics and InformaticsBulgarian Academy of SciencesSofiaBulgaria
  3. 3.Institute IICRESTSofiaBulgaria
  4. 4.Faculty of Technology, Policy, and ManagementDelft University of TechnologyDelftThe Netherlands

Personalised recommendations