Qualitative and Quantitative Analysis of CFTs Taking Security Causes into Account (bibtex)
by Max Steiner, Peter Liggesmeyer
Abstract:
Component fault trees that contain safety basic events as well as security basic events cannot be analyzed like normal CFTs. Safety basic events are rated with probabilities in an interval [0,1], for security basic events simpler scales such as \low, medium, high\ make more sense. In this paper an approach is described how to handle a quantitative safety analysis with different rating schemes for safety and security basic events. By doing so, it is possible to take security causes for safety failures into account and to rate their effect on system safety.
Reference:
M. Steiner, P. Liggesmeyer, "Qualitative and Quantitative Analysis of CFTs Taking Security Causes into Account", in Computer Safety, Reliability, and Security, F. Koornneef, C. van Gulijk, Eds., Springer International Publishing, 2015, pp. 109-120.
Bibtex Entry:
@InCollection{Steiner15,
  Title                    = {Qualitative and Quantitative Analysis of CFTs Taking Security Causes into Account},
  Author                   = {Steiner, Max and Liggesmeyer, Peter},
  Booktitle                = {Computer Safety, Reliability, and Security},
  Publisher                = {Springer International Publishing},
  Year                     = {2015},
  Editor                   = {Koornneef, Floor and van Gulijk, Coen},
  Pages                    = {109-120},
  Series                   = {Lecture Notes in Computer Science},
  Volume                   = {9338},
  Abstract                 = {Component fault trees that contain safety basic events as well as security basic events cannot be analyzed like normal CFTs. Safety basic events are rated with probabilities in an interval [0,1], for security basic events simpler scales such as \{low, medium, high\} make more sense. In this paper an approach is described how to handle a quantitative safety analysis with different rating schemes for safety and security basic events. By doing so, it is possible to take security causes for safety failures into account and to rate their effect on system safety.},
  Doi                      = {10.1007/978-3-319-24249-1_10},
  ISBN                     = {978-3-319-24248-4},
  Keywords                 = {Safety analysis; Security analysis; Quantitative combined analysis; Component fault trees; Attack trees; Security enhanced component fault trees},
  Language                 = {English},
  Url                      = {http://dx.doi.org/10.1007/978-3-319-24249-1_10}
}
Powered by bibtexbrowser