Formalized Risk Assessment for Safety and Security
The manifold interactions between safety and security aspects make it
plausible to handle safety and security risks in a unified way. The paper
develops a corresponding approach based on the discrete event systems (DEVS)
paradigm. The simulation-based calculation of an individual system evolution
path provides the contribution of that particular path of dynamics to the overall
risk of running the system. Accidentally and intentionally caused failures are
distinguished by the way in which the risk contributions of the various
evolution paths are aggregated into the overall risk.
The consistency of the proposed risk assessment method with 'traditional'
notions of risk shows its plausibility. Its non-computability, on the other
hand, makes the proposed risk assessment more suitable to the IT security
domain than other concepts of risk developed for both safety and security.
Power grids are discussed as an application example and demonstrate some of
the advantages of the proposed method.