TY - GEN
T1 - From trust to dependability through risk analysis
AU - Asnar, Y.
AU - Giorgini, P.
AU - Massacci, F.
AU - Zannone, N.
PY - 2007
Y1 - 2007
N2 - The importance of critical systems has been widely recognized and several efforts are devoted to integrate dependability requirements in their development process. Such efforts result in a number of models, frameworks, and methodologies that have been proposed to model and assess the dependability of critical systems. Among them, risk analysis considers the likelihood and severity of failures for evaluating the risk affecting the system. In our previous work, we introduced the Tropos GoalRisk framework, a formal framework for modeling, assessing, and treating risks on the basis of the likelihood and severity of failures. In this paper, we refine this framework introducing the notion of trust for assessing risks on the basis of the organizational setting of the system. The assessment process is also enhanced to analyze risks along trust relations among actors. To make the discussion more concrete, we illustrate the framework with a case study on partial airspace delegation in Air Traffic Management system. © 2007 IEEE.
AB - The importance of critical systems has been widely recognized and several efforts are devoted to integrate dependability requirements in their development process. Such efforts result in a number of models, frameworks, and methodologies that have been proposed to model and assess the dependability of critical systems. Among them, risk analysis considers the likelihood and severity of failures for evaluating the risk affecting the system. In our previous work, we introduced the Tropos GoalRisk framework, a formal framework for modeling, assessing, and treating risks on the basis of the likelihood and severity of failures. In this paper, we refine this framework introducing the notion of trust for assessing risks on the basis of the organizational setting of the system. The assessment process is also enhanced to analyze risks along trust relations among actors. To make the discussion more concrete, we illustrate the framework with a case study on partial airspace delegation in Air Traffic Management system. © 2007 IEEE.
U2 - 10.1109/ARES.2007.93
DO - 10.1109/ARES.2007.93
M3 - Conference contribution
T3 - Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007
SP - 19
EP - 26
BT - Proceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007
T2 - 2nd International Conference on Availability, Reliability and Security, ARES 2007
Y2 - 10 April 2007 through 13 April 2007
ER -