Engineering Secure Future Internet Services and Systems

Volume 8431 of the series Lecture Notes in Computer Science pp 345-365

Divide and Conquer – Towards a Notion of Risk Model Encapsulation

  • Atle RefsdalAffiliated withSINTEF ICT
  • , Øyvind RidengAffiliated withOilfield Technology Group
  • , Bjørnar SolhaugAffiliated withSINTEF ICT
  • , Ketil StølenAffiliated withSINTEF ICTDep. of Informatics, University of Oslo

* Final gross prices may vary according to local VAT.

Get Access


The criticality of risk management is evident when considering the information society of today, and the emergence of Future Internet technologies such as Cloud services. Information systems and services become ever more complex, heterogeneous, dynamic and interoperable, and many different stakeholders increasingly rely on their availability and protection. Managing risks in such a setting is extremely challenging, and existing methods and techniques are often inadequate. A main difficulty is that the overall risk picture becomes too complex to understand without methodic and systematic techniques for how to decompose a large scale risk analysis into smaller parts. In this chapter we introduce a notion of risk model encapsulation to address this challenge. Encapsulation facilitates compositional risk analysis by hiding internal details of a risk model. This is achieved by defining a risk model interface that contains all and only the information that is needed for composing the individual risk models to derive the overall risk picture. The interface takes into account possible dependencies between the risk models. We outline a method for compositional risk analysis, and demonstrate the approach by using an example on information security from the petroleum industry.


Risk analysis risk modeling risk model encapsulation risk composition security ICT