Publications Details

Understanding and managing risk in software systems

Fletcher, S.K.; Jansma, R.; Lim, J.; Murphy, M.; Wyss, G.

When software is used in safety-critical, security-critical, or mission-critical situations, it is imperative to understand and manage the risks involved. A risk assessment methodology and toolset have been developed which are specific to software systems. This paper describes the concepts of the methodology, with emphasis on the experience of designing a toolset to support the methodology. Also presented are results of applying the methodology to two real software-based products: the software toolset itself, and a network firewall.