Efficiently computing the likelihoods of cyclically interdependent risk scenarios - Publications Télécom Bretagne de l’IRISA
Article Dans Une Revue Computers & Security Année : 2017

Efficiently computing the likelihoods of cyclically interdependent risk scenarios

Résumé

Quantitative risk assessment provides a holistic view of risk in an organisation, which is, however, often biased by the fact that risk shared by several assets is encoded multiple times in a risk analysis. An apparent solution to this issue is to take all dependencies between assets into consideration when building a risk model. However, existing approaches rarely support cyclic dependencies, although assets that mutually rely on each other are encountered in many organisations, notably in critical infrastructures. To the best of our knowledge, no author has provided a provably efficient algorithm (in terms of the execution time) for computing the risk in such an organisation, notwithstanding that some heuristics exist. This paper introduces the dependency-aware root cause (DARC) model, which is able to compute the risk resulting from a collection of root causes using a poly-time randomised algorithm, and concludes with a discussion on real-time risk monitoring, which DARC supports by design.
Fichier principal
Vignette du fichier
Muller2017.pdf (663.63 Ko) Télécharger le fichier
Origine Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-01427488 , version 1 (26-04-2024)

Identifiants

Citer

Steve Muller, Carlo Harpes, Yves Le Traon, Sylvain Gombault, Jean-Marie Bonnin. Efficiently computing the likelihoods of cyclically interdependent risk scenarios. Computers & Security, 2017, 64, pp.59 - 68. ⟨10.1016/j.cose.2016.09.008⟩. ⟨hal-01427488⟩
632 Consultations
30 Téléchargements

Altmetric

Partager

More