Using risk analysis to manage software maintenance
Journal of Software Maintenance: Research and Practice
Maintaining Results from Security Assessments
CSMR '03 Proceedings of the Seventh European Conference on Software Maintenance and Reengineering
Large engineering project risk management using a Bayesian belief network
Expert Systems with Applications: An International Journal
Modular analysis and modelling of risk scenarios with dependencies
Journal of Systems and Software
Model-Driven Risk Analysis: The CORAS Approach
Model-Driven Risk Analysis: The CORAS Approach
Orchestrating security and system engineering for evolving systems
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Hi-index | 0.00 |
Risk analysis is the identification and documentation of risks with respect to an organisation or a target system. Established risk analysis methods and guidelines typically focus on a particular system configuration at a particular point in time. The resulting risk picture is then valid only at that point in time and under the assumptions made when it was derived. However, systems and their environments tend to change and evolve over time. In order to appropriately handle change, risk analysis must be supported with specialised techniques and guidelines for modelling, analysing and reasoning about changing risks. In this paper we introduce general techniques and guidelines for managing risk in changing systems, and then instantiate these in the CORAS approach to model-driven risk analysis. The approach is demonstrated by a practical example based on a case study from the Air Traffic Management (ATM) domain.