Evolutionary Risk Analysis: Expert Judgement

Massimo Felici, Valentino Meduri, Bjørnar Solhaug, Alessandra Tedeschi

Research output: Chapter in Book/Report/Conference proceedingConference contribution


New systems and functionalities are continuously deployed in complex domains such as Air Traffic Management (ATM). Unfortunately, methodologies provide limited support in order to deal with changes and to assess their impacts on critical features (e.g. safety, security, etc.). This paper is concerned with how change requirements affect security properties. A change requirement is a specification of changes that are to be implemented in a system. The paper reports our experience to support an evolutionary risk analysis in order to assess change requirements and their impacts on security properties. In particular, this paper discusses how changes to structured risk analysis models are perceived by domain experts by presenting insights from a risk assessment exercise that uses the CORAS model-driven risk analysis in an ATM case study. It discusses how structured models supporting risk analysis help domain experts to analyse and assess the impact of changes on critical system features.
Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security
Subtitle of host publication30th International Conference,SAFECOMP 2011, Naples, Italy, September 19-22, 2011. Proceedings
PublisherSpringer Berlin Heidelberg
Number of pages14
ISBN (Electronic)978-3-642-24270-0
ISBN (Print)978-3-642-24269-4
Publication statusPublished - 2011

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Berlin Heidelberg
ISSN (Print)0302-9743


  • CORAS, air traffic management, change requirements, evolutionary risk analysis, security requirements


Dive into the research topics of 'Evolutionary Risk Analysis: Expert Judgement'. Together they form a unique fingerprint.

Cite this