Using an assurance case framework to develop security strategy and policies

Bloomfield, R. E., Bishop, P. G., Butler, E. & Netkachova, K. (2017). Using an assurance case framework to develop security strategy and policies. Lecture Notes in Computer Science, 10489, pp. 27-38. doi: 10.1007/978-3-319-66284-8_3

[img]
Preview
Text - Accepted Version
Download (693kB) | Preview

Abstract

Assurance cases have been developed to reason and communicate about the trustworthiness of systems. Recently we have also been using them to support the development of policy and to assess the impact of security issues on safety regulation. In the example we present in this paper, we worked with a safety regulator (anonymised as A Regulatory Organisation (ARO) in this paper) to investigate the impact of cyber-security on safety regulation.

Item Type: Article
Additional Information: The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-66284-8_3
Uncontrolled Keywords: Security-Informed Safety, Assurance Cases, Regulation, Risk Assessment
Divisions: School of Informatics > Department of Computing
URI: http://openaccess.city.ac.uk/id/eprint/18331

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics