Christian Raspotnig

Learn More
Various techniques have been proposed to model attacks on systems. In order to understand such attacks and thereby propose efficient mitigations, the sequence of steps in the attack should be analysed thoroughly. However, there is a lack of techniques to represent intrusion scenarios across a system architecture. This paper proposes a new technique called(More)
Combined Harm Assessment of Safety and Security for Information Systems (CHASSIS) method defines a unified process for safety and security assessments to address both the safety and security aspects during system development process. CHASSIS applies techniques from safety and security fields-e.g. misuse case and HAZOP-to identify and model hazards, threats(More)
Safety is a system property, hence the high-level safety requirements are incorporated into the implementation of system components. In this paper, we propose an optimized traceability analysis method which is based on the means-ends and whole-part concept of the approach for cognitive systems engineering to trace these safety requirements. A system(More)
Safety and security assessments aim to keep harm away from systems. Although they consider different causes of harm, the mitigations suggested by the assessments are often interrelated and affect each other, either by strengthening or weakening the other. Considering the relations and effects, a combined process for safety and security could save resources.(More)