The CORAS Methodology: Model-based Risk Assessment Using UML and UP

The CORAS Methodology: Model-based Risk Assessment Using UML and UP

Folker den Braber (SINTEF Telecom and Informatics, Norway), Theo Dimitrakos (CLRC Rutherford Appleton Laboratory, UK), Bjorn A. Gran (Institute for Energy Technology, Norway), Mass S. Lund (SINTEF Telecom and Informatics, Norway), Ketil Stolen (SINTEF Telecom and Informatics, Norway) and Jan O. Aagedal (SINTEF Telecom and Informatics, Norway)
Copyright: © 2003 |Pages: 26
DOI: 10.4018/978-1-93177-744-5.ch017
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This chapter introduces the CORAS methodology in which Unified Modeling Language (UML) and Unified Process (UP) are combined to support a model-based risk assessment on security-critical systems. The hypothesis is that modeling techniques like UML contribute to increased understanding for the different stakeholders involved during a risk assessment. In the CORAS methodology, a traditional risk management process is integrated with UP, which is a well-accepted system development process. CORAS tries to show how UML can contribute to better understanding, documentation, and communicating during the different phases of the risk management process. CORAS addresses both systems under development and systems already in use.

Complete Chapter List

Search this Book:
Reset