{"title":"威胁效应分析:应用FMEA对计算机系统威胁进行建模","authors":"J. Bowles, W. Hanczaryk","doi":"10.1109/RAMS.2008.4925840","DOIUrl":null,"url":null,"abstract":"As the 21st century progresses, computer systems have become a target for a new type of criminal who attacks software with malicious intent. Failure Modes and Effects Analysis, which is normally used to improve system reliability by identifying and mitigating the effects of potential system failures, provides a basic framework that can be applied to counter the threats a computer system will encounter in its operational environment. The process consists of: 1) becoming familiar with the system and system components; 2) developing a threat model by identifying external dependencies and security assumptions; 3) identifying and classifying the types of threats to the system; 4) determining the effects of the threat; and 5) making changes to counter the potential threats. This approach ensures that the assessment of the threat will be done in a systematic and meticulous manner that is more likely to result in a secure and reliable system.","PeriodicalId":143940,"journal":{"name":"2008 Annual Reliability and Maintainability Symposium","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2008-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Threat effects analysis: Applying FMEA to model computer system threats\",\"authors\":\"J. Bowles, W. Hanczaryk\",\"doi\":\"10.1109/RAMS.2008.4925840\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As the 21st century progresses, computer systems have become a target for a new type of criminal who attacks software with malicious intent. Failure Modes and Effects Analysis, which is normally used to improve system reliability by identifying and mitigating the effects of potential system failures, provides a basic framework that can be applied to counter the threats a computer system will encounter in its operational environment. The process consists of: 1) becoming familiar with the system and system components; 2) developing a threat model by identifying external dependencies and security assumptions; 3) identifying and classifying the types of threats to the system; 4) determining the effects of the threat; and 5) making changes to counter the potential threats. This approach ensures that the assessment of the threat will be done in a systematic and meticulous manner that is more likely to result in a secure and reliable system.\",\"PeriodicalId\":143940,\"journal\":{\"name\":\"2008 Annual Reliability and Maintainability Symposium\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-01-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Annual Reliability and Maintainability Symposium\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RAMS.2008.4925840\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Annual Reliability and Maintainability Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RAMS.2008.4925840","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Threat effects analysis: Applying FMEA to model computer system threats
As the 21st century progresses, computer systems have become a target for a new type of criminal who attacks software with malicious intent. Failure Modes and Effects Analysis, which is normally used to improve system reliability by identifying and mitigating the effects of potential system failures, provides a basic framework that can be applied to counter the threats a computer system will encounter in its operational environment. The process consists of: 1) becoming familiar with the system and system components; 2) developing a threat model by identifying external dependencies and security assumptions; 3) identifying and classifying the types of threats to the system; 4) determining the effects of the threat; and 5) making changes to counter the potential threats. This approach ensures that the assessment of the threat will be done in a systematic and meticulous manner that is more likely to result in a secure and reliable system.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
