A framework for selection of methodology for risk and vulnerability assessments of infrastructures depending on information and communication technology

Proceedings of the European Safety and Reliability Conference 2006, ESREL 2006 - Safety and Reliability for Managing Risk

Volumn 3, Issue , 2006, Pages 2297-2304

  Wiencke, H S ^a   Aven, T ^a   Hagen, J ^b  

^a UNIVERSITY OF STAVANGER   (Norway)

^b NORWEGIAN DEFENCE RESEARCH ESTABLISHMENT FFI   (Norway)

Author keywords

[No Author keywords available]

Indexed keywords

COMMUNICATION; DATA STRUCTURES; PROBLEM SOLVING; RELIABILITY; INFORMATION TECHNOLOGY;

DECISION SITUATIONS; INFORMATION AND COMMUNICATION TECHNOLOGIES; INFRA STRUCTURES; LEVELS OF DETAILS; SECURITY PROBLEMS; VULNERABILITY ASSESSMENTS;

RISK MANAGEMENT;

ACCIDENTAL EVENT; DECISION SITUATION; INFORMATION AND COMMUNICATION TECHNOLOGIES; LEVELS OF DETAIL; SECURITY PROBLEMS; VULNERABILITY ASSESSMENTS;

EID: 54049093345     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (17)

1. Anton, P.S., Anderson, R., Mesic, R., Scheiern, M. 2003. The Vulnerability Assessment & Mitigation Methodology, Rand Report. ISBN 0-8330-3434-0.
2. Amatayakul, M. 2003. Security Risk Analysis and Management: an Overview (AHIMA Practice Brief). Journal of AHIMA 74, no.9: 72A-G.
3. AS/NZS 4360, 2004. Australian/New Zealand Standard: Risk management.
4. Aven, T. & Kristensen, V. 2005. Perspectives on risk- Review and discussion of the basis for establishing a unified and holistic approach. Rel. Engn. System Safety, 90, 1-14.
5. Aven, T., Vinnem, J.E. & Wiencke, H.S. 2006. A decision framework for HES management. Reliability Engineering and System Safety, to appear.
6. Aven, T. 2006. A unified framework for risk and vulnerability analysis and management covering both safety and security. Paper submitted for publication.
7. Aven, T. 2006a. Expressing risk in a security context. Paper to be presented at ESREL 2006, September.
8. Dondossola, G., Lamquet, O. & Masera, M. 2004. Emerging standards and methodological issues for the security analysis of power system information infrastructures. In Proc. Securing Critical Infrastructures, Grenoble, October 2004.
9. Garrick, B.J. et. al. 2004. Confronting the risks of terrorism: making the right decisions. Reliability Engineering and System Safety, 86, 129-176.
10. Gheorghe, A.V. Critical Infrastructure at Risk, Springer 2006
11. ISO 2002. Risk management vocabulary. ISO/IEC Guide 73.
12. IST-2000-25031, The CORAS methodology for model-based risk assessment.
13. Kristensen V, Aven T. & Ford, D. 2006. A new approach on Renn & Klinke's approach to risk evaluation and management. Reliab Eng Syst Safety, 91, 421-432.
14. Peltier, T.R. 2001. Information Security Risk Analysis. Auerback Publications.
15. Renn, O. & Klinke, A. 2002. A New approach to risk evaluation and management: Risk-based precaution-based and discourse-based strategies. Risk Analysis, 22, 1071-1094.
16. Risk Analysis 2004 Special issue on terrorism and security, 24.
17. Wiencke, H. & Aven, T. 2006. An approach for selecting risk and vulnerability methods.