Functional Specification to Support Security Risk Assessment of Large Systems

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 763)


Measuring the security of organizations is needed to obtain security evidence. We believe that common security identification and quantification related to system’s functionalities can be extended to be used in other systems. Security measurements are common at the business process layer. This paper supports the development of security metrics according to each function of a related system. An elementary metric quantify risk by system’s function. This leads to improve security risk analysis and communication for decision making.


Cyber security metrics E-Learning Mean failure cost Risk management Security measures Functional specification 


  1. 1.
    Jansen, W.A.: NIST IR 7564: Directions in security metrics research. National Institute of Standards and Technology, US Department of Commerce, Gaithersburg (2009)Google Scholar
  2. 2.
    Wang, L., Singhal, A., Jajodia, S.: Toward measuring network security using attack graphs. In: Proceedings of the 2007 ACM Workshop on Quality of Protection, pp. 49–54. ACM (2007)Google Scholar
  3. 3.
    Final Report of Task Group IST-049, Improving Common Security Risk Analysis (2008)Google Scholar
  4. 4.
    Chen, Y., He, W.: Security risks and protection in online learning: a survey. Int. Rev. Res. Open Distrib. Learn. 14(5) (2013)Google Scholar
  5. 5.
    MohdAlwi, N.H., Fan, I.S.: Threats analysis for e-learning. Int. J. Technol. Enhanced Learn. 2(4), 358–371 (2010)CrossRefGoogle Scholar
  6. 6.
    Rjaibi, N., Rabai, L.B.A.: Expansion and practical implementation of the MFC cybersecurity model via a novel security requirements taxonomy. Int. J. Secure Softw. Eng. (IJSSE) 6(4), 32–51 (2015)CrossRefGoogle Scholar
  7. 7.
    Rjaibi, N., Rabai, L.B.A.: Maximizing security management performance and decision with the MFC cyber-security risk management model. EAI Endorsed Trans. e-Learn. 4(15) (2017)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Laboratoire SMART, Institut Supérieur de GestionUniversité de TunisTunisTunisia

Personalised recommendations