Abstract
This chapter introduces and explains the basic risk-related terminology on which this book builds. It also positions CORAS in the setting of the most well-known alternative approaches to risk modeling and analysis.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Lund, M.S., Solhaug, B., Stølen, K. (2011). Background and Related Approaches. In: Model-Driven Risk Analysis. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12323-8_2
DOI: https://doi.org/10.1007/978-3-642-12323-8_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12322-1
Online ISBN: 978-3-642-12323-8
eBook Packages: Computer Science, Computer Science (R0)