TY - UNPB
T1 - Towards an Ontology-Driven Approach for Process-Aware Risk Propagation
AU - Engelberg, Gal
AU - Fumagalli, Mattia
AU - Kuboszek, Adrian
AU - Klein, Dan
AU - Soffer, Pnina
AU - Guizzardi, Giancarlo
PY - 2022/12/22
Y1 - 2022/12/22
N2 - The rapid development of cyber-physical systems creates an increasing demand for a general approach to risk, especially considering how physical and digital components affect the processes of the system itself. In risk analytics and management, risk propagation is a central technique, which allows the calculation of the cascading effect of risk within a system and supports risk mitigation activities. However, one open challenge is to devise a process-aware risk propagation solution that can be used to assess the impact of risk at different levels of abstraction, accounting for actors, processes, physical-digital objects, and their interrelations. To address this challenge, we propose a process-aware risk propagation approach that builds on two main components: i. an ontology, which supports functionalities typical of Semantic Web technologies (SWT), and semantics-based intelligent systems, representing a system with processes and objects having different levels of abstraction, and ii. a method to calculate the propagation of risk within the given system. We implemented our approach in a proof-of-concept tool, which was validated and demonstrated in the cybersecurity domain.
AB - The rapid development of cyber-physical systems creates an increasing demand for a general approach to risk, especially considering how physical and digital components affect the processes of the system itself. In risk analytics and management, risk propagation is a central technique, which allows the calculation of the cascading effect of risk within a system and supports risk mitigation activities. However, one open challenge is to devise a process-aware risk propagation solution that can be used to assess the impact of risk at different levels of abstraction, accounting for actors, processes, physical-digital objects, and their interrelations. To address this challenge, we propose a process-aware risk propagation approach that builds on two main components: i. an ontology, which supports functionalities typical of Semantic Web technologies (SWT), and semantics-based intelligent systems, representing a system with processes and objects having different levels of abstraction, and ii. a method to calculate the propagation of risk within the given system. We implemented our approach in a proof-of-concept tool, which was validated and demonstrated in the cybersecurity domain.
KW - Risk propagation
KW - Risk assessment
KW - Ontology-driven risk propagation
KW - Risk
KW - Ontology
M3 - Preprint
SP - 1
EP - 8
BT - Towards an Ontology-Driven Approach for Process-Aware Risk Propagation
PB - ArXiv.org
ER -