Analyzing Risk-Countermeasure in Organizations: a Quantitative Approach

Asnar, Yudistira and Giorgini, Paolo (2007) Analyzing Risk-Countermeasure in Organizations: a Quantitative Approach. UNSPECIFIED. (Unpublished)

Download (831Kb) | Preview


    Risk is one of inherent problems in all software systems. It becomes more significant if the software system is operated in a critical system (e.g., air traffic control, nuclear plant). It is because in this domain the software system is expected to be always dependable all the time of its operation. The system is dependable when all its risks are suppressed until acceptable level. Therefore, in such setting analysts must carefully analyze the socio-technical system (i.e., organizational-setting and software systems) and understand how uncertain events may affect the systems. By means of the Tropos Goal-Risk, we model the socio-technical system including its risks. Essentially, the framework consists of goal, event, and treatment modeling. The goal layer represents what the stakeholders' interests are and how to achieve them. The event layer depicts how uncertain events occur and impact the goals of stakeholders. The treatment layer represents what the possible measures that are available to treat the events. By quantifying the evidence value of the model, analysts can reason about the level of risk and choose the most appropriate alternative to achieve the stakeholders' interests and the necessary treatment that should be employed to mitigate the risks. We use a case study on Air Traffic Management to illustrate the proposal.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA075 Electronic computers. Computer science
    Q Science > QA Mathematics > QA076 Computer software
    Uncontrolled Keywords: risk analysis quantitative assessment risk assessment
    Report Number: DIT-07-047
    Repository staff approval on: 30 May 2008

    Actions (login required)

    View Item