Risk Propagation (RP) is a central technique that allows the calculation of the cascading effect of risk within a system. At the current state, there is a lack of risk propagation solutions that can be used to assess the impact of risk at different levels of abstraction, accounting for actors, processes, physical-digital objects, and their relations. To fill this gap, in this paper, we propose a process-aware risk propagation approach that builds on two main components: i. an ontology, which supports functionalities typical of Semantic Web technologies (SWT), and ii. an ad hoc method to calculate the propagation of risk within the given system. We implemented our approach in a proof-of-concept tool, which was validated in the cybersecurity domain.
|Title of host publication||Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing, SAC 2023|
|Publisher||Association for Computing Machinery|
|Number of pages||4|
|State||Published - 27 Mar 2023|
|Event||38th Annual ACM Symposium on Applied Computing, SAC 2023 - Tallinn, Estonia|
Duration: 27 Mar 2023 → 31 Mar 2023
|Name||Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing|
|Conference||38th Annual ACM Symposium on Applied Computing, SAC 2023|
|Period||27/03/23 → 31/03/23|
Bibliographical notePublisher Copyright:
© 2023 Owner/Author(s).
- ontology-driven risk propagation
- risk analytics
- risk propagation
ASJC Scopus subject areas