Model-based Qualitative Risk Assessment for Availability of IT Infrastructures

Emmanuele Zambon, Sandro Etalle, Roelf J. Wieringa, Pieter H. Hartel

    Research output: Contribution to journalArticleAcademicpeer-review

    21 Citations (Scopus)
    143 Downloads (Pure)

    Abstract

    For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often offer high guarantees in terms of its availability; in other words, to guarantee business continuity, IT systems can afford very little downtime. Unfortunately, making an assessment of IT availability risks is difficult: incidents affecting the availability of a marginal component of the system may propagate in unexpected ways to other more essential components that functionally depend on them. General-purpose risk assessment (RA) methods do not provide technical solutions to deal with this problem. In this paper we present the qualitative time dependency (QualTD) model and technique, which is meant to be employed together with standard RA methods for the qualitative assessment of availability risks based on the propagation of availability incidents in an IT architecture. The QualTD model is based on our previous quantitative time dependency (TD) model (Zambon et al. in BDIM ’07: Second IEEE/IFIP international workshop on business-driven IT management. IEEE Computer Society Press, pp 75–83, 2007), but provides more flexible modelling capabilities for the target of assessment. Furthermore, the previous model required quantitative data which is often too costly to acquire, whereas QualTD applies only qualitative scales, making it more applicable to industrial practice. We validate our model and technique in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results with respect to the goals of the stakeholders of the system. We also perform a review of the most popular standard RA methods and discuss which type of method can be combined with our technique.
    Original languageUndefined
    Pages (from-to)553-580
    Number of pages28
    JournalSoftware and systems modeling
    Volume10
    Issue number4
    DOIs
    Publication statusPublished - 21 Jun 2011

    Keywords

    • EWI-18595
    • DIES-Cyber Security
    • SCS-Cybersecurity
    • SCS-Services
    • RISK ASSESSMENT
    • Information risk management
    • METIS-271070
    • IR-73676
    • Availability
    • Information Security
    • System modelling

    Cite this

    @article{e081acb718eb40d9a283361275500109,
    title = "Model-based Qualitative Risk Assessment for Availability of IT Infrastructures",
    abstract = "For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often offer high guarantees in terms of its availability; in other words, to guarantee business continuity, IT systems can afford very little downtime. Unfortunately, making an assessment of IT availability risks is difficult: incidents affecting the availability of a marginal component of the system may propagate in unexpected ways to other more essential components that functionally depend on them. General-purpose risk assessment (RA) methods do not provide technical solutions to deal with this problem. In this paper we present the qualitative time dependency (QualTD) model and technique, which is meant to be employed together with standard RA methods for the qualitative assessment of availability risks based on the propagation of availability incidents in an IT architecture. The QualTD model is based on our previous quantitative time dependency (TD) model (Zambon et al. in BDIM ’07: Second IEEE/IFIP international workshop on business-driven IT management. IEEE Computer Society Press, pp 75–83, 2007), but provides more flexible modelling capabilities for the target of assessment. Furthermore, the previous model required quantitative data which is often too costly to acquire, whereas QualTD applies only qualitative scales, making it more applicable to industrial practice. We validate our model and technique in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results with respect to the goals of the stakeholders of the system. We also perform a review of the most popular standard RA methods and discuss which type of method can be combined with our technique.",
    keywords = "EWI-18595, DIES-Cyber Security, SCS-Cybersecurity, SCS-Services, RISK ASSESSMENT, Information risk management, METIS-271070, IR-73676, Availability, Information Security, System modelling",
    author = "Emmanuele Zambon and Sandro Etalle and Wieringa, {Roelf J.} and Hartel, {Pieter H.}",
    note = "10.1007/s10270-010-0166-8",
    year = "2011",
    month = "6",
    day = "21",
    doi = "10.1007/s10270-010-0166-8",
    language = "Undefined",
    volume = "10",
    pages = "553--580",
    journal = "Software and systems modeling",
    issn = "1619-1366",
    publisher = "Springer",
    number = "4",

    }

    Model-based Qualitative Risk Assessment for Availability of IT Infrastructures. / Zambon, Emmanuele; Etalle, Sandro; Wieringa, Roelf J.; Hartel, Pieter H.

    In: Software and systems modeling, Vol. 10, No. 4, 21.06.2011, p. 553-580.

    Research output: Contribution to journalArticleAcademicpeer-review

    TY - JOUR

    T1 - Model-based Qualitative Risk Assessment for Availability of IT Infrastructures

    AU - Zambon, Emmanuele

    AU - Etalle, Sandro

    AU - Wieringa, Roelf J.

    AU - Hartel, Pieter H.

    N1 - 10.1007/s10270-010-0166-8

    PY - 2011/6/21

    Y1 - 2011/6/21

    N2 - For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often offer high guarantees in terms of its availability; in other words, to guarantee business continuity, IT systems can afford very little downtime. Unfortunately, making an assessment of IT availability risks is difficult: incidents affecting the availability of a marginal component of the system may propagate in unexpected ways to other more essential components that functionally depend on them. General-purpose risk assessment (RA) methods do not provide technical solutions to deal with this problem. In this paper we present the qualitative time dependency (QualTD) model and technique, which is meant to be employed together with standard RA methods for the qualitative assessment of availability risks based on the propagation of availability incidents in an IT architecture. The QualTD model is based on our previous quantitative time dependency (TD) model (Zambon et al. in BDIM ’07: Second IEEE/IFIP international workshop on business-driven IT management. IEEE Computer Society Press, pp 75–83, 2007), but provides more flexible modelling capabilities for the target of assessment. Furthermore, the previous model required quantitative data which is often too costly to acquire, whereas QualTD applies only qualitative scales, making it more applicable to industrial practice. We validate our model and technique in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results with respect to the goals of the stakeholders of the system. We also perform a review of the most popular standard RA methods and discuss which type of method can be combined with our technique.

    AB - For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often offer high guarantees in terms of its availability; in other words, to guarantee business continuity, IT systems can afford very little downtime. Unfortunately, making an assessment of IT availability risks is difficult: incidents affecting the availability of a marginal component of the system may propagate in unexpected ways to other more essential components that functionally depend on them. General-purpose risk assessment (RA) methods do not provide technical solutions to deal with this problem. In this paper we present the qualitative time dependency (QualTD) model and technique, which is meant to be employed together with standard RA methods for the qualitative assessment of availability risks based on the propagation of availability incidents in an IT architecture. The QualTD model is based on our previous quantitative time dependency (TD) model (Zambon et al. in BDIM ’07: Second IEEE/IFIP international workshop on business-driven IT management. IEEE Computer Society Press, pp 75–83, 2007), but provides more flexible modelling capabilities for the target of assessment. Furthermore, the previous model required quantitative data which is often too costly to acquire, whereas QualTD applies only qualitative scales, making it more applicable to industrial practice. We validate our model and technique in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results with respect to the goals of the stakeholders of the system. We also perform a review of the most popular standard RA methods and discuss which type of method can be combined with our technique.

    KW - EWI-18595

    KW - DIES-Cyber Security

    KW - SCS-Cybersecurity

    KW - SCS-Services

    KW - RISK ASSESSMENT

    KW - Information risk management

    KW - METIS-271070

    KW - IR-73676

    KW - Availability

    KW - Information Security

    KW - System modelling

    U2 - 10.1007/s10270-010-0166-8

    DO - 10.1007/s10270-010-0166-8

    M3 - Article

    VL - 10

    SP - 553

    EP - 580

    JO - Software and systems modeling

    JF - Software and systems modeling

    SN - 1619-1366

    IS - 4

    ER -