Tutorial 1
Date/Time: Monday, October 17th, 2011 9:00am - 12:00pm
Duration: 3 hours
Title: Analysing risk in practice: The CORAS approach to model-driven risk Analysis
Presenters: Dr. Atle Refsdal
Abstract:
The term “risk” is known from many fields. On an almost daily basis we face
references to “contractual risk”, “economic risk”, “operational risk”,
“environmental risk”, “health risk”, “political risk”, “legal risk”, “security
risk”, and so forth. In order to identify and assess risks we may conduct risk
analyses.
In this tutorial we present the CORAS approach, which is a self-contained risk
analysis methodology and the first to be truly model-driven in the sense that
modelling is an integrated part in every part of the process. The methodology is
described in detail in the book Model-Driven Risk Analysis. The CORAS Approach,
and has been validated through application in a large number of full-scale
industrial analyses.
The goal of the tutorial is to give the audience an introduction to the basics
of risk analysis and to introduce the audience to the CORAS method and language
for model-driven risk analysis. The intended audience is anyone with an interest
in software engineering, security and risk management. The tutorial should be
suitable both for persons new to risk analysis, as well as people familiar with
risk analysis that are interested in the model-driven approach.
Dr. Atle Refsdal is employed as a research scientist at SINTEF ICT. He received his PhD in informatics from the University of Oslo in 2008. He has done research on methods, languages and tools supporting risk analysis in European as well as national projects, and conducted a number of industrial security risk analyses over the last four years.
Last modified: 2011-09-29 23:33:23 EDT