Predicting Availability of Systems using BBN in Aspect-Oriented Risk-Driven Development (AORDD)
作者: Siv Hilde Houmb , James Bieman , Geri Georg , Raghu Reddy
DOI:
关键词:
摘要: Several standards exist that target security assessment and certification. However, these support qualitative evaluation according to predefined levels. To trade-off between treatment strategies, we also need quantitative estimates of operational security. Quantitative evaluation, such as probabilistic analysis, is frequently used within the dependability domain. The quantify attributes has recently been raised. This relates both requirements in Quality Service (QoS) architectures, input decisions regarding design choice mechanisms. measure make mechanisms, separate treatments from primary functionality model, model strategies aspects using Aspect-Oriented Modeling (AOM). In this paper, develop a Bayesian Belief Network (BBN) based prediction system for estimating availability. Availability estimated variables mean time mis-use (MTTM), effort (METM), impact misuse (MI), frequency (MF). Misuses are addressed strategies. quality cost (TC) effect (TE).
colostate.edu 参考文章(20)
Indrakshi Ray, Geri Georg, An Aspect-Based Approach to Modeling Security Concerns ,(2007)
Siv Hilde Houmb, Combining Disparate Information Sources when Quantifying Security Risks ,(2004)
J. C. Laprie, Dependability: Basic Concepts and Terminology Dependable Computing and Fault-Tolerant Systems. pp. 3- 245 ,(1992) , 10.1007/978-3-7091-9170-5_1
Siv Hilde Houmb, Geri Georg, Dan Matheson, Using Aspects to Manage Security Risks in Risk-Driven Development ,(2004)
Tomas Olovsson, Erland Jonsson, On the Integration of Security and Dependability in Computer Systems IASTED International Conference on Reliability, Quality Control and Risk Assessment Washington DC, USA, 1992, ISBN 0-88986-171-4. pp. 93- 97 ,(1992)
David Vose, Risk Analysis: A Quantitative Guide ,(2000)
Dazhi Wang, Bharat B. Madan, Kishor S. Trivedi, Security analysis of SITAR intrusion tolerance system computer and communications security. pp. 23- 32 ,(2003) , 10.1145/1036921.1036924
B. A. Gran, Use of Bayesian Belief Networks when combining disparate sources of information in the safety assessment of software-based systems International Journal of Systems Science. ,vol. 33, pp. 529- 542 ,(2002) , 10.1080/00207720210133589
N.E. Fenton, M. Neil, A critique of software defect prediction models IEEE Transactions on Software Engineering. ,vol. 25, pp. 675- 689 ,(1999) , 10.1109/32.815326
B.B. Madan, K. Gogeva-Popstojanova, K. Vaidyanathan, K.S. Trivedi, Modeling and quantification of security attributes of software systems dependable systems and networks. pp. 505- 514 ,(2002) , 10.1109/DSN.2002.1028941