An approach for model-based risk assessment

Abstract

Traditional risk analysis and assessment is based on failure-oriented models of the system. In contrast to this, model-based risk assessment (MBRA) utilizes success-oriented models describing all intended system aspects, including functional, operational and organisational aspects of the target. The target models are then used as input sources for complementary risk analysis and assessment techniques, as well as a basis for the documentation of the assessment results. The EU-funded CORAS project developed a tool-supported methodology for model-based risk analysis of security-critical systems. The methodology has been tried out within the telemedicine and e-commerce areas, and provided through a series of seven trials a sound basis for risk assessments. This paper gives an overview of the results with focus on how the approach can be applied for addressing security aspects in a safety critical application and discusses how the methodology can be applied as a part of a trust case development. © Springer-Verlag 2004.