The University of Southampton
University of Southampton Institutional Repository

Run-time risk management in adaptive ICT systems

Run-time risk management in adaptive ICT systems
Run-time risk management in adaptive ICT systems
We will present results of the SERSCIS project related to risk management and mitigation strategies in adaptive multi-stakeholder ICT systems. The SERSCIS approach involves using semantic threat models to support automated design-time threat identification and mitigation analysis. The focus of this paper is the use of these models at run-time for automated threat detection and diagnosis. This is based on a combination of semantic reasoning and Bayesian inference applied to run-time system monitoring data. The resulting dynamic risk management approach is compared to a conventional ISO 27000 type approach, and validation test results presented from an Airport Collaborative Decision Making (A-CDM) scenario involving data exchange between multiple airport service providers.
9781479910977
102-110
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Nasser, Bassem
d601c873-8295-44e3-a4e1-d363a26ee086
Chen, Xiaoyu
dde6db8e-1cb1-4de4-87e9-64bab6e0220c
Chakravarthy, Ajay
d5f40fb2-e262-49e1-9fcc-e1368e764d03
Melas, Panos
bf7a965b-691f-4380-96d1-f2f8eb319c89
Surridge, Mike
3bd360fa-1962-4992-bb16-12fc4dd7d9a9
Nasser, Bassem
d601c873-8295-44e3-a4e1-d363a26ee086
Chen, Xiaoyu
dde6db8e-1cb1-4de4-87e9-64bab6e0220c
Chakravarthy, Ajay
d5f40fb2-e262-49e1-9fcc-e1368e764d03
Melas, Panos
bf7a965b-691f-4380-96d1-f2f8eb319c89

Surridge, Mike, Nasser, Bassem, Chen, Xiaoyu, Chakravarthy, Ajay and Melas, Panos (2013) Run-time risk management in adaptive ICT systems. IEEE Eighth International Conference on Availability, Reliability & Security (ARES), Germany. 02 - 06 Sep 2013. pp. 102-110 .

Record type: Conference or Workshop Item (Paper)

Abstract

We will present results of the SERSCIS project related to risk management and mitigation strategies in adaptive multi-stakeholder ICT systems. The SERSCIS approach involves using semantic threat models to support automated design-time threat identification and mitigation analysis. The focus of this paper is the use of these models at run-time for automated threat detection and diagnosis. This is based on a combination of semantic reasoning and Bayesian inference applied to run-time system monitoring data. The resulting dynamic risk management approach is compared to a conventional ISO 27000 type approach, and validation test results presented from an Airport Collaborative Decision Making (A-CDM) scenario involving data exchange between multiple airport service providers.

Text
370577.pdf - Other
Download (440kB)

More information

Published date: 2 September 2013
Venue - Dates: IEEE Eighth International Conference on Availability, Reliability & Security (ARES), Germany, 2013-09-02 - 2013-09-06
Organisations: IT Innovation

Identifiers

Local EPrints ID: 370577
URI: http://eprints.soton.ac.uk/id/eprint/370577
ISBN: 9781479910977
PURE UUID: c742af58-21c1-4b6f-bfa2-dadba399a7e0

Catalogue record

Date deposited: 03 Nov 2014 11:51
Last modified: 09 Dec 2019 19:56

Export record

Contributors

Author: Mike Surridge
Author: Bassem Nasser
Author: Xiaoyu Chen
Author: Ajay Chakravarthy
Author: Panos Melas

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×