Abstract
Modelling and analysing risk is one of the most critical activity in system engineering. However, in literature approaches like Fault Tree Analysis, Event Tree Analysis, Failure Modes and Criticality Analysis focus on the system-to-be without considering the impact of the associated risks to the organization where the system will operate. The Tropos framework has been proved effective in modelling strategic interests of the stakeholders at organizational level. In this paper, we introduce the extended Tropos goal model to analyse risk at organization level and we illustrate a number of different techniques to help the analyst in identifying and enumerating relevant countermeasures for risk mitigation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bresciani, P., Perini, A., Giorgini, P., Giunchiglia, F., Mylopoulos, J.: Tropos: An Agent-Oriented Software Development Methodology. Autonomous Agents and Multi-Agent Systems 8(3), 203–236 (2004)
van Lamsweerde, A., Letier, E.: Handling Obstacles in Goal-Oriented Requirements Engineering. IEEE Transaction Software Engineering 26(10), 978–1005 (2000)
Stamatelatos, M., Vesely, W., Dugan, J., Fragola, J., Minarick, J., Railsback, J.: Fault Tree Handbook with Aerospace Applications. NASA (2002)
DoD: Military Standard, Procedures for Performing a Failure Mode, Effects, and Critical Analysis (MIL-STD-1692A). U.S. Department of Defense (1980)
Yu, E.: Modelling Strategic Relationships for Process Engineering. PhD thesis, University of Toronto, Department of Computer Science (1995)
Dardenne, A., van Lamsweerde, A., Fickas, S.: Goal-Directed Requirements Acquisition. Science of Computer Programming 20, 3–50 (1993)
Anton, A.I.: Goal-Based Requirements Analysis. In: ICRE 1996: Proceedings of the 2nd International Conference on Requirements Engineering, Washington, DC, USA, p. 136. IEEE Computer Society, Los Alamitos (1996)
COSO: Enterprise Risk Management - Integrated Framework. Committee of Sponsoring Organizations of the Treadway Commission (2004)
Giorgini, P., Mylopoulos, J., Nicchiarelli, E., Sebastiani, R.: Formal Reasoning Techniques for Goal Models. Journal of Data Semantics (2003)
Giorgini, P., Mylopoulos, J., Sebastiani, R.: Simple and Minimum-Cost Satisfiability for Goal Models. In: Persson, A., Stirna, J. (eds.) CAiSE 2004. LNCS, vol. 3084, pp. 20–33. Springer, Heidelberg (2004)
LAS: London ambulance service - official website (2006), http://www.londonambulance.nhs.uk/
Finkelstein, A.: Report of the inquiry into the london ambulance service. In: International Workshop on Software Specification and Design Case Study (1995)
van Lamsweerde, A., Letier, E., Darimont, R.: Managing Conflicts in Goal-Driven Requirements Engineering. IEEE Transaction Software Engineering 24(11), 908–926 (1998)
Carr, M.J., Konda, S.L., Monarch, I., UlrichCarr1993, F.C.: Taxonomy-Based Risk Identification. Technical Report CMU/SEI-93-TR-6, ESC-TR-93-183, Software Engineering Institute, Carnegie Mellon University (1993)
Holton, G.A.: Defining Risk. Financial Analyst Journal 60(6), 19–25 (2004)
Feather, M.S., Cornford, S.L., Dunphy, J., Hicks, K.: A quantitative risk model for early lifecycle decision making. In: Proceedings of the Conference on Integrated Design and Process Technology (2002)
Asnar, Y., Giorgini, P., Mylopoulos, J.: Risk Modelling and Reasoning in Goal Models. Technical Report DIT-06-008, DIT - University of Trento (2006)
Fuxman, A., Kazhamiakin, R., Pistore, M., Roveri, M.: Formal Tropos: language and semantics (2003), http://trinity.dit.unitn.it/~tropos/papers_files/ftsem03.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Asnar, Y., Giorgini, P. (2006). Modelling Risk and Identifying Countermeasure in Organizations. In: Lopez, J. (eds) Critical Information Infrastructures Security. CRITIS 2006. Lecture Notes in Computer Science, vol 4347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11962977_5
Download citation
DOI: https://doi.org/10.1007/11962977_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69083-2
Online ISBN: 978-3-540-69084-9
eBook Packages: Computer ScienceComputer Science (R0)