Reference : Efficiently computing the likelihoods of cyclically interdependent risk scenarios
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/33377
Efficiently computing the likelihoods of cyclically interdependent risk scenarios
English
Muller, Steve mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) >]
Harpes, Carlo [itrust consulting s.à r.l., Luxembourg]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Gombault, Sylvain mailto [Telecom Bretagne, France]
Bonnin, Jean-Marie mailto [Telecom Bretagne, France]
2017
Computers & Security
An Imprint of Elsevier Science
64
59-68
Yes (verified by ORBilu)
International
0167-4048
[en] Cyclic causal graphs ; Cyclic dependencies ; Dependency graph ; Quantitative assessment ; Risk analysis ; Risk assessment ; Risk management ; Risk perception ; Causal graph ; Dependency graphs ; Quantitative assessments ; Quantitative risk assessment ; Randomised algorithms ; Risk monitoring ; Risk scenarios
[en] Quantitative risk assessment provides a holistic view of risk in an organisation, which is, however, often biased by the fact that risk shared by several assets is encoded multiple times in a risk analysis. An apparent solution to this issue is to take all dependencies between assets into consideration when building a risk model. However, existing approaches rarely support cyclic dependencies, although assets that mutually rely on each other are encountered in many organisations, notably in critical infrastructures. To the best of our knowledge, no author has provided a provably efficient algorithm (in terms of the execution time) for computing the risk in such an organisation, notwithstanding that some heuristics exist. This paper introduces the dependency-aware root cause (DARC) model, which is able to compute the risk resulting from a collection of root causes using a poly-time randomised algorithm, and concludes with a discussion on real-time risk monitoring, which DARC supports by design. © 2016 Elsevier Ltd
10239425, FNR, Fonds National de la Recherche Luxembourg
http://hdl.handle.net/10993/33377
10.1016/j.cose.2016.09.008

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
master.pdfAuthor preprint400.26 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.