The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures
The cyber security modeling language (CySeMoL) is a modeling language for enterprise-
level system architectures coupled to a probabilistic inference engine. If the computer …
level system architectures coupled to a probabilistic inference engine. If the computer …
Comparing risk identification techniques for safety and security requirements
C Raspotnig, A Opdahl - Journal of systems and software, 2013 - Elsevier
When developing systems where safety and security are important aspects, these aspects
have to be given special attention throughout the development, in particular in the …
have to be given special attention throughout the development, in particular in the …
Attacker profiling in quantitative security assessment based on attack trees
A Lenin, J Willemson, DP Sari - Nordic conference on secure IT systems, 2014 - Springer
Providing meaningful estimations for the quantitative annotations on the steps of complex
multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker …
multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker …
Incorporating attacker capabilities in risk estimation and mitigation
The risk exposure of a given threat to an information system is a function of the likelihood of
the threat and the severity of its impacts. Existing methods for estimating threat likelihood …
the threat and the severity of its impacts. Existing methods for estimating threat likelihood …
[PDF][PDF] Evaluation and improvement of internet voting schemes based on legally-founded security requirements
S Neumann - 2016 - core.ac.uk
The first chapter provides the reader an introduction into the content of this thesis. We
motivate our research and define the research questions addressed within the thesis. We …
motivate our research and define the research questions addressed within the thesis. We …
[PDF][PDF] CVSS-based Estimation and Prioritization for Security Risks.
R Wirtz, M Heisel - ENASE, 2019 - scitepress.org
During software development, it is of essential importance to consider security threats. The
number of reported incidents and the harm for organizations due to such incidents highly …
number of reported incidents and the harm for organizations due to such incidents highly …
Towards internet voting security: A threat tree for risk assessment
The Internet is a dangerous place for any critical application and is particularly risky for
binding government elections where every vote must count. The complex interplay of …
binding government elections where every vote must count. The complex interplay of …
Risk Assessment Framework for Evaluation of Cybersecurity Threats and Vulnerabilities in Medical Devices
MS Van Devender - 2023 - search.proquest.com
Medical devices are vulnerable to cybersecurity exploitation and, while they can provide
improvements to clinical care, they can put healthcare organizations and their patients at risk …
improvements to clinical care, they can put healthcare organizations and their patients at risk …
[PDF][PDF] Applying a reusable election threat model at the county level
We describe the first systematic, quantitative threat evaluation in a local election jurisdiction
in the US, Marin County, California, in the November 2010 general election. We made use of …
in the US, Marin County, California, in the November 2010 general election. We made use of …
A threat tree for health information security and privacy
This paper begins a process of organizing knowledge of health information security threats
into a comprehensive catalog. We begin by describing our risk management perspective of …
into a comprehensive catalog. We begin by describing our risk management perspective of …