Title :
Threat effects analysis: Applying FMEA to model computer system threats
Author :
Bowles, John B. ; Hanczaryk, William
Author_Institution :
Comput. Sci. & Eng., Univ. of South Carolina, Columbia, SC
Abstract :
As the 21st century progresses, computer systems have become a target for a new type of criminal who attacks software with malicious intent. Failure Modes and Effects Analysis, which is normally used to improve system reliability by identifying and mitigating the effects of potential system failures, provides a basic framework that can be applied to counter the threats a computer system will encounter in its operational environment. The process consists of: 1) becoming familiar with the system and system components; 2) developing a threat model by identifying external dependencies and security assumptions; 3) identifying and classifying the types of threats to the system; 4) determining the effects of the threat; and 5) making changes to counter the potential threats. This approach ensures that the assessment of the threat will be done in a systematic and meticulous manner that is more likely to result in a secure and reliable system.
Keywords :
authorisation; computer crime; invasive software; software reliability; system recovery; computer criminal; computer system threat effect analysis; failure mode-and-effect analysis; malware; sensitive information; software attack; system failure; system reliability; unlawful system access; Cause effect analysis; Computer security; Computer viruses; Counting circuits; Data flow computing; Design for disassembly; Embedded software; Failure analysis; Performance analysis; Reliability; FMEA; computer security; data flow diagram; malware; software FMEA; threat;
Conference_Titel :
Reliability and Maintainability Symposium, 2008. RAMS 2008. Annual
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-1460-4
Electronic_ISBN :
0149-144X
DOI :
10.1109/RAMS.2008.4925840
