• English
    • norsk
  • English 
    • English
    • norsk
  • Login
View Item 
  •   Home
  • SINTEF
  • Publikasjoner fra CRIStin
  • Publikasjoner fra CRIStin - SINTEF AS
  • View Item
  •   Home
  • SINTEF
  • Publikasjoner fra CRIStin
  • Publikasjoner fra CRIStin - SINTEF AS
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Visualizing Cyber Security Risks with Bow-Tie Diagrams

Bernsmed, Karin; Frøystad, Christian; Meland, Per Håkon; Nesheim, Dag Atle; Rødseth, Ørnulf Jan
Journal article, Peer reviewed
Accepted version
Thumbnail
View/Open
Visualizing+cyber.pdf (678.3Kb)
Permanent link
http://hdl.handle.net/11250/2490014
Issue date
2018
Metadata
Show full item record
Collections
  • SINTEF Digital [1305]
  • Publikasjoner fra CRIStin - SINTEF AS [2626]
Original version
Lecture Notes in Computer Science. 2018, 10744 38-56.   10.1007/978-3-319-74860-3_3
Abstract
Safety and security risks are usually analyzed independently, by different people using different tools. Consequently, the system analyst may fail to realize cyber attacks as a contributing factor to safety impacts or, on the contrary, design overly secure systems that will compromise the performance of critical operations. This paper presents a methodology for visualizing and assessing security risks by means of bow-tie diagrams, which are commonly used within safety assessments. We outline how malicious activities, random failures, security countermeasures and safety barriers can be visualized using a common graphical notation and propose a method for quantifying risks based on threat likelihood and consequence severity. The methodology is demonstrated using a case study from maritime communication. Our main conclusion is that adding security concepts to the bow-ties is a promising approach, since this is a notation that high-risk industries are already familiar with. However, their advantage as easy-to-grasp visual models should be maintained, hence complexity needs to be kept low.
Journal
Lecture Notes in Computer Science

Contact Us

Privacy policy
Powered by DSpace software

Service from Unit
 

 

Browse this CollectionIssue DateAuthorsTitlesSubjectsDocument TypesJournalsBrowse ArchiveCommunities & CollectionsIssue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us

Privacy policy
Powered by DSpace software

Service from Unit