Risk-aware decision support with constrained goal models

Authors: Nikolaos Argyropoulos, Konstantinos Angelopoulos, Haralambos Mouratidis, Andrew Fish
Journal: Inf. Comput. Secur.

Purpose: The selection of security configurations for complex information systems is a cumbersome process. Decision-making regarding the choice of security countermeasures has to take into consideration a multitude of, often conflicting, functional and non-functional system goals. Therefore, a structured method to support crucial security decisions during a system’s design that can take account of risk whilst providing feedback on the optimal decisions within specific scenarios would be…

CVSS-based Estimation and Prioritization for Security Risks
A risk estimation and evaluation method for information security based on the Common Vulnerability Scoring System (CVSS) that enables security engineers to focus on the most severe risks right from the beginning.
Designing secure business processes from organisational goal models
This work introduces a framework for the design of secure business process models that uses security-oriented goal models as its starting point to capture a socio-technical view of the system to-be and its security requirements during its early design stages.
Model-Based Risk Analysis and Evaluation Using CORAS and CVSS
Following the principle of security-by-design, this work aims at providing methods to develop secure software right from the beginning, i.e. methods for an application during requirements engineering.
Optimization Modulo Theories with OptiMathSAT
A variety of techniques that deal with the identified issues and advance both the expressiveness and the efficiency of OMT are presented, including implementation of these techniques inside OptiMathSAT, a state-of-the-art OMT solver based on MathSAT5, along with its high-level architecture, Input/Output interfaces and configurable options.
Evaluation of Novel Approaches to Software Engineering: 14th International Conference, ENASE 2019, Heraklion, Crete, Greece, May 4–5, 2019, Revised Selected Papers
A sequence of processing steps and initial results of their application for two examples of a description of a system’s functionality showed that variability of language constructs in descriptions affects the amount of implicitly expressed knowledge.


Decision-Making in Security Requirements Engineering with Constrained Goal Models
This work extends Secure Tropos, a security requirements engineering methodology, by introducing the concept of Risk in order to facilitate the elicitation and analysis of security requirements and also support a systematic risk assessment process during the system’s design time.
A probabilistic framework for goal-oriented risk analysis
The paper presents a probabilistic framework for goal specification and obstacle assessment and shows how the computed information can be used to prioritize obstacles for countermeasure selection towards a more complete and robust goal model.
Automating trade-off analysis of security requirements
A novel approach to automate security requirements analysis in order to determine maximum achievable satisfaction level for security requirements and identify trade-offs between security and other requirements is proposed.
Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development
This paper analyzes Secure Tropos, the language supporting the eponymous agent-based IS development, and suggests improvements in the light of an existing reference model for IS security risk management, thereby improving the conceptual appropriateness of the language.
A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs
An extension to the i* framework for security trade-off analysis is proposed, taking advantage of its multi-agent and goal orientation, and was applied to several case studies used to exemplify existing approaches.
A Semi-Automatic Approach for Eliciting Cloud Security and Privacy Requirements
An approach is presented that takes as input abstract security and privacy requirements and produces through a semi-automatic process various alternative implementation options for cloud services to create a mapping between the organisational and the operational level of the system's analysis.
A multi-objective genetic algorithm for minimising network security risk and cost
A model of quantitative risk analysis, where an optimisation routine is developed to help a human decision maker to determine the preferred trade-off between investment cost and resulting risk, and shows that the MOGA approach provides high quality solutions, resulting in better knowledge for decision making.
Security Requirements Engineering for Cloud Computing: The Secure Tropos Approach
This work introduces Secure Tropos by discussing its main concepts, their relations and the main diagrams used to capture the different aspects of a software system, and discusses future work on expanding the functionalities offered by Secure Tropos.
A Semi-Automated Tool for Requirements Trade-off Analysis
A semi-automated decision aid tool which allows the use of available but potentially incomplete quantitative and qualitative requirements and risk measures and extends the Even Swap method with formally defined rules for suggesting the next swap to decision stakeholders.
Secure Tropos: a Security-Oriented Extension of the Tropos Methodology
Extensions to the Tropos methodology are introduced to enable it to model security concerns throughout the whole development process to help towards the development of more secure multiagent systems.