Quantitative assessment for organisational security & dependability

Y. Asnar, M. Felici, F. Massacci, A. Tedeschi, A. Yautsiukhin

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

There are numerous metrics proposed to assess security and dependability of technical systems (e.g., number of defects per thousand lines of code). Unfortunately, most of these metrics are too low-level, and lack on capturing high-level system abstractions required for organisation analysis. The analysis essentially enables the organisation to detect and eliminate possible threats by system re-organisations or re-configurations. In other words, it is necessary to assess security and dependability of organisational structures next to implementations and architectures of systems. This paper focuses on metrics suitable for assessing security and dependability aspects of a socio-technical system and supporting decision making in designing processes. We also highlight how these metrics can help in making the system more effective in providing security and dependability by applying socio-technical solutions (i.e., organisation design patterns). © 2009 IEEE.
Original languageEnglish
Title of host publicationProceedings - 2009 2nd International Conference on Dependability, DEPEND 2009
Pages40-45
DOIs
Publication statusPublished - 2009
Externally publishedYes
Event2009 2nd International Conference on Dependability, DEPEND 2009 - , Greece
Duration: 18 Jun 200923 Jun 2009

Publication series

NameProceedings - 2009 2nd International Conference on Dependability, DEPEND 2009

Conference

Conference2009 2nd International Conference on Dependability, DEPEND 2009
Country/TerritoryGreece
Period18/06/0923/06/09

Fingerprint

Dive into the research topics of 'Quantitative assessment for organisational security & dependability'. Together they form a unique fingerprint.

Cite this