On Hierarchical Composition of the Risk Management Evaluation in the Computer Information Systems


       Dariusz Dymek, eidymek@cyf-kr.edu.pl
Department of Computer Science Cracow University of Economics, 31-510 Cracow, Poland

       Leszek Kotulski, kotulski(at)ii.uj.edu.pl 
       Jagiellonian University, Institute of Computer Science, Nawojki 11, 30-072 Cracow, Poland

Abstract.  Large computer systems consist of many components, which create few (software and hardware) layers. Analyzing accessibility of the given system function we should consider accessibility of connected functions of many components. We pay attention to singular functions, because during system failure we often lose access not to whole component, but only to some of its functions. So, analyzing an enterprise risk of a system failure, we consider not only the accessibility of the components (objects) but also of their functions (methods). UML help us to model a system, but the information necessary for a risk evaluation are located in different types of UML diagram (i.e. deployment and class diagrams). Thus we have decided to maintain own graph structure generated (from UML diagrams) and evaluated under aedNLC graph grammar. We show how a formal graph structures enables us to manage the risk associated with any level of the software hierarchy.

Pages: 8

Available Files:

prep_2_06.ps (275 Kbyte),  prep_2_06.pdf (157 Kbyte)