GIRA: a general model for incident risk analysis |
| |
Authors: | Aitor Couce-Vieira David Rios Insua Siv Hilde Houmb |
| |
Institution: | 1. Universidad Rey Juan Carlos, Madrid, Spain;2. Instituto de Ciencias Matemáticas (ICMAT), Consejo Superior de Investigaciones Científicas (CSIC), Madrid, Spain;3. Instituto de Ciencias Matemáticas (ICMAT), Consejo Superior de Investigaciones Científicas (CSIC), Madrid, Spain;4. Secure-NOK AS, Hamar, Norway |
| |
Abstract: | Most existing risk analysis methods focus on analysing risks that a system might face throughout its life. However, there is no explicit method for risk analysis during incidents. Approaches such as bow-ties and attack trees provide reliable information about triggers and escalation of incidents, but do not cover risk evaluation. Risk matrices include the entire risk analysis process; however, their risk evaluation approach is oversimplified. This paper presents a General Model for Incident Risk Analysis, which formalises the incident risk analysis process through an influence diagram. Our aim is to provide a decision support model that generates reliable risk information and enhances incident risk evaluation. |
| |
Keywords: | Incident risk analysis risk evaluation decision support influence diagram |
|
|