Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study

Security risk management can be applied on well-defined or existing systems; in this case, the objective is to identify existing vulnerabilities, assess the risks and provide for the adequate countermeasures. Security risk management can also be applied very early in the system's development life-cycle, when its architecture is still poorly defined; in this case, the objective is to positively influence the design work so as to produce a secure architecture from the start. The latter work is made difficult by the uncertainties on the architecture and the multiple round-trips required to keep the risk assessment study and the system architecture aligned. This is particularly true for very large projects running over many years. This paper addresses the issues raised by those risk assessment studies performed early in the system's development life-cycle. Based on industrial experience, it asserts that attack trees can help solve the human cognitive scalability issue related to securing those large, continuously-changing system-designs. However, big attack trees are difficult to build, and even more difficult to maintain. This paper therefore proposes a systematic approach to automate the construction and maintenance of such big attack trees, based on the system's operational and logical architectures, the system's traditional risk assessment study and a security knowledge database.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

Picking battles: The impact of trust assumptions on the elaboration of security requirements

This position paper describes work on trust assumptions in the con-text of security requirements. We show how trust assumptions can affect the scope of the analysis, derivation of security requirements, and in some cases how functionality is realized. An example shows how trust assumptions are used by a requirements engineer to help define and limit the scope of analysis and to document the decisions made during the process

Estimating ToE Risk Level using CVSS

Security management is about calculated risk and requires continuous evaluation to ensure cost, time and resource effectiveness. Parts of which is to make future-oriented, cost-benefit investments in security. Security investments must adhere to healthy business principles where both security and financial aspects play an important role. Information on the current and potential risk level is essential to successfully trade-off security and financial aspects. Risk level is the combination of the frequency and impact of a potential unwanted event, often referred to as a security threat or misuse. The paper presents a risk level estimation model that derives risk level as a conditional probability over frequency and impact estimates. The frequency and impact estimates are derived from a set of attributes specified in the Common Vulnerability Scoring System (CVSS). The model works on the level of vulnerabilities (just as the CVSS) and is able to compose vulnerabilities into service levels. The service levels define the potential risk levels and are modelled as a Markov process, which are then used to predict the risk level at a particular time

Towards an integrated perspective on fleet asset management: engineering and governance considerations

The traditional engineering perspective on asset management concentrates on the operational performance the assets. This perspective aims at managing assets through their life-cycle, from technical specification, to acquisition, operation including maintenance, and disposal. However, the engineering perspective often takes for granted organizational-level factors. For example, a focus on performance at the asset level may lead to ignore performance measures at the business unit level. The governance perspective on asset management usually concentrates on organizational factors, and measures performance in financial terms. In doing so, the governance perspective tends to ignore the engineering considerations required for optimal asset performance. These two perspectives often take each other for granted. However experience demonstrates that an exclusive focus on one or the other may lead to sub-optimal performance. For example, the two perspectives have different time frames: engineering considers the long term asset life-cycle whereas the organizational time frame is based on a yearly financial calendar. Asset fleets provide a relevant and important context to investigate the interaction between engineering and governance views on asset management as fleets have distributed system characteristics. In this project we investigate how engineering and governance perspectives can be reconciled and integrated to enable optimal asset and organizational performance in the context of asset fleets

Exploring the intellectual capital and financial capital interface: an artefact-based criteria approach to the recognition of ‘organisational’ assets

This article was submitted to and presented at the 32nd European Accounting Association Annual Conference.Design: Normative, conceptually based. Purpose: The paper presents asset recognition criteria based on the idea that an asset should be functional, separable and measurable and that financial recognition should be triggered by the recognition of an artefact. We apply these criteria to four organisational assets, that is, those intangible assets that are unlikely to be reported in the accounting domain. Findings: We do so in order to show how one may expand the basis on which assets can be reported financially to elements of intellectual capital as well as financial capital. Originality: The criteria have never been applied to organisational asset

Differentiating KMS Strategy from Business Strategy, KM Strategy and IS/IT Strategy

The era of the new millennium has witnessed a wide range of the revolutionized technology that affects our lives and the way an organization is conducted. The contemporary business sectors start to recognize the potential use of knowledge management in the new organizational processes. As a result, increasing numbers of organizations pay attention to the creative value of leveraging knowledge as one of their potential assets. Therefore, organizations start to focus on knowledge as one of the important elements in competitive advantage that needs to be utilized efficiently and effectively. They have shown a great attention of knowledge management in their business strategy incorporated with technology. The role of technological tools and applications is essential in supporting and enhancing knowledge management strategy. There has been a transition from traditional information system to new a concept of knowledge management system employed by organization to sustain competitive advantage in dynamic and unstable environment. Further, to shift the paradigm of knowledge management systems concept from business sectors, this study focused on the KMS applications and tools particularly in Institutions of Higher Education (IHE) environment. The purpose of this study is to (a) identify the relationship of business strategy, knowledge management (KM) Strategy, knowledge management systems (KMS) strategy, information system (IS) strategy and information technology (IT) strategy, particularly in the context of IHE, (b) describe those strategies and their relationship based on the context of IHE. This will provide guidance and effective methods for formulating the KMS strategy with the aim to align it with business strategies and ensuring success of its implementation