| Publication type: | Conference paper |
| Type of review: | Peer review (publication) |
| Title: | Enhancement of IT risk assessments by UML |
| Authors: | Mock, Ralf Günter Truninger, Benjamin Brunner, Patrick Hruz, Tomas |
| Proceedings: | Safety and reliability : methodology and applications |
| Page(s): | 1531 |
| Pages to: | 1537 |
| Conference details: | European Safety and Reliability Conference (ESREL 2014), Wroclaw, Poland, 14-18 September 2014 |
| Issue Date: | 2015 |
| Publisher / Ed. Institution: | Taylor & Francis |
| Publisher / Ed. Institution: | London |
| ISBN: | 978-1-138-02681-0 978-1-315-73697-6 |
| Language: | English |
| Subjects: | IT security; Zuverlässigkeit; Unified Modeling Language; Risk assessment |
| Subject (DDC): | 005: Computer programming, programs and data |
| Abstract: | Unified Modeling Language diagrams (UML) are considered as an underestimated knowledge source for risk assessment (RA) approaches. For this, a combination of Class and Sequence Diagrams is used to get relevant information for further risk analysis. In an IT enterprise, existing business processes source code can be used to automatically generate a full process Class Diagram. The paper suggests a way to significantly reduce the size of the Class Diagram. To do this, the most relevant business case of the audited enterprise is selected and used to generate a Sequence Diagram. Tools simplify this approach. The resulting Sequence Diagram only consists of classes and operations relevant to the chosen business case. They can then be matched to the initial full system Class Diagram. Elements in the Class Diagram that do not have a match in the Sequence Diagram can be removed, resulting in a reduced Class Diagram. The reduced Class Diagram is the base for RA heuristics, e.g., many incoming associations of a class suggest that other classes often depend on this class. Therefore, a failure of this class ponts to an increased impact value. |
| URI: | https://digitalcollection.zhaw.ch/handle/11475/13265 |
| Fulltext version: | Published version |
| License (according to publishing contract): | Licence according to publishing contract |
| Departement: | School of Engineering |
| Organisational Unit: | Institute of Computer Science (InIT) |
| Appears in collections: | Publikationen School of Engineering |
Files in This Item:
There are no files associated with this item.
Show full item record
Mock, R. G., Truninger, B., Brunner, P., & Hruz, T. (2015). Enhancement of IT risk assessments by UML [Conference paper]. Safety and Reliability : Methodology and Applications, 1531–1537.
Mock, R.G. et al. (2015) ‘Enhancement of IT risk assessments by UML’, in Safety and reliability : methodology and applications. London: Taylor & Francis, pp. 1531–1537.
R. G. Mock, B. Truninger, P. Brunner, and T. Hruz, “Enhancement of IT risk assessments by UML,” in Safety and reliability : methodology and applications, 2015, pp. 1531–1537.
MOCK, Ralf Günter, Benjamin TRUNINGER, Patrick BRUNNER und Tomas HRUZ, 2015. Enhancement of IT risk assessments by UML. In: Safety and reliability : methodology and applications. Conference paper. London: Taylor & Francis. 2015. S. 1531–1537. ISBN 978-1-138-02681-0
Mock, Ralf Günter, Benjamin Truninger, Patrick Brunner, and Tomas Hruz. 2015. “Enhancement of IT Risk Assessments by UML.” Conference paper. In Safety and Reliability : Methodology and Applications, 1531–37. London: Taylor & Francis.
Mock, Ralf Günter, et al. “Enhancement of IT Risk Assessments by UML.” Safety and Reliability : Methodology and Applications, Taylor & Francis, 2015, pp. 1531–37.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.