Now showing 1 - 3 of 3
  • Publication
    FUNCTIONAL MODELLING OF IT RISK ASSESSMENT SUPPORT SYSTEM
    (2011) ;
    Andrejs Romanovs
    ;
    Yuri Merkuryev
    ;
    Arnis Kleins
    ;
    Pjotrs Dorogovs
    ;
    Ojars Krasts
    Information technology systems represent the backbone of a company's operational infrastructure. A company's top management typically ensures that computer software and hardware mechanisms are adequate, functional and in adherence with regulatory guidelines and industry practices. Nowadays, due to depressed economic and increased intensity of performed operations, business highly recognizes the influence of effective Information Technology risk management on profitability. The purpose of this paper is to develop IT risks assessment systems support functional model, based on analysis of IT risks and assessment mechanisms, IT governance and risk management frameworks, functional analysis of IT risks assessment and management software, and, finally, to develop IT risk management domain specification language with a metamodel that defines an abstract UML based language for supporting model-based risk assessment. Usage of UML based domain specific language achieves synergy from in IT industry widely used UML modelling technique and the domain specific risk management extensions.
  • Publication
    Assessment of Cyber Physical System Risks with Domain Specific Modelling and Simulation
    (2018) ;
    Romanovs, Andrejs
    ;
    Merkuryev, Yuri
    ;
    Dorogovs, Pjotrs
    ;
    Kleins, Arnis
    ;
    Potryasaev, Semyon
    Nowadays, the systems developed to integrate real physical processes and virtual computational processes — the cyber-physical systems (CPS), are used in multiple areas of industry and critical national infrastructure, such as manufacturing, medicine, traffic management and security, automotive engineering, industrial process control, energy saving, ecological management, industrial robots, technical infrastructure management, distributed robotic systems, protection target systems, nanotechnology and biological systems technology. With wide use, the level of IT and cyberrisks increases drastically and successful attacks against the CPS will lead to unmanageable and unimaginable consequence. Thus, the need in well-designed risk assessment system of CPS is clear and such system can provide an overall view of CPS security status and support efficient allocations of safeguard resources. The nature of CPS differs from IT mainly with the requirement for real-time operations, thus, traditional risk assessment method for IT system can be adopted in CPS. Design of a unified modelling language based domain specific language described in this paper achieves synergy from in IT industry widely used UML modelling technique and the domain specific risk management extensions. As a novelty for UML modelling, especially for simulation purposes, the presented DSL is enriched by a set of stochastic attributes of modelled activities. Such stochastic attributes are usable for further implementation of discrete-event system simulators.
    Scopus© Citations 16
  • Publication
    CORAS for Threat and Risk Modeling in Social Networks
    (2015)
    Aleksandrs Larionovs
    ;
    ;
    As more users joining social networks possibility of threats is growing, as the information can be reached by expanding number of individuals that increases the possibility that the information “package” will find way to subjects with the appropriate degree of sensitivity to the information – vulnerability. Therefore, the risk management process and, in particular, the risk identification and analysis of key characteristics should be performed. Presented paper describes usage of CORAS methodology for modelling of social network risks.
    Scopus© Citations 6