Johannes Viehmann 2012: Reusing Risk Analysis Results - An Extension for the CORAS Risk Analysis Method, 4th IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2012), Amsterdam 2012, pp. 742-751, IEEE 2012
Print ISBN: 978-1-4673-5638-1, Digital Object Identifier: 10.1109/SocialCom-PASSAT.2012.91
Abstract: This paper shows how the results of CORAS risk analysis can be reused and combined. It introduces new models, diagram types and procedures as an extension of the CORAS method. Taking risk analysis artifacts generated for the individ-ual base components as input, probability values for unwanted incidents of complex systems can be calculated if the relations between these artifacts are modeled correctly. Initially developed for the S-Network, a trustworthy repository, this extension is predestined for analyzing large scale systems consisting of heter-ogeneous components, which no single analyst team could handle.
Download the full paper:
http://surn.net/Viehmann 2012 - Reusing Risk Analysis Results.pdf