Security risk analysis of system changes exemplified within the oil and gas domain

  title={Security risk analysis of system changes exemplified within the oil and gas domain},
  author={Atle Refsdal and B. Solhaug and K. St{\o}len},
  journal={International Journal on Software Tools for Technology Transfer},
Changes, such as the introduction of new technology, may have considerable impact on the risk to which a system or organization is exposed. For example, in the oil and gas domain, introduction of technology that allows offshore installations to be operated from onshore means that fewer people are exposed to risk on the installation, but it also introduces new risks and vulnerabilities. We need suitable methods and techniques to understand how a change will affect the risk picture. This paper… Expand
From Risk Analysis to the Expression of Security Requirements for Systems Information
  • Nabil Laoufi
  • Business, Computer Science
  • 2015 Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec)
  • 2015
A process for mastering security evolution in the development lifecycle
  • M. Felderer, Basel Katt
  • Computer Science
  • International Journal on Software Tools for Technology Transfer
  • 2015
Traceability in cyber risk assessment: A design science approach


Model-driven risk analysis of evolving critical infrastructures
Risk Analysis of Changing and Evolving Systems Using CORAS
Beyond Traceability: Compared Approaches to Consistent Security Risk Assessments
Model-Driven Risk Analysis - The CORAS Approach
The CORAS Language – why it is designed the way it is
An Approach to Select Cost-Effective Risk Countermeasures Exemplified in CORAS
Tool-Supported Risk Modeling and Analysis of Evolving Critical Infrastructures
A graphical approach to risk identification, motivated by empirical investigations
Using an Enterprise Architecture for IT Risk Management