This book constitutes revised selected papers from the 4th International Workshop on Graphical Models for Security, GraMSec 2017, held in Santa Barbara, CA, USA, in August 2017. The 5 full and 4 short papers presented in this volume were carefully reviewed and selected from 19 submissions. The book also contains one invited paper from the WISER project. The contributions deal with the latest research and developments on graphical models for security.

The term "risk" is known from many fields, and we are used to references to contractual risk, economic risk, operational risk, legal risk, security risk, and so forth. We conduct risk analysis, using either offensive or defensive approaches to identify and assess risk. Offensive approaches are concerned with balancing potential gain against risk of investment loss, while defensive approaches are concerned with protecting assets that already exist. In this book, Lund, Solhaug and Stolen focus on defensive risk analysis, and more explicitly on a particular approach called CORAS. CORAS is a model-driven method for defensive risk analysis featuring a tool-supported modelling language specially designed to model risks. Their book serves as an introduction to risk analysis in general, including the central concepts and notions in risk analysis and their relations. The authors' aim is to support risk analysts in conducting structured and stepwise risk analysis. To this end, the book is divided into three main parts. Part I of the book introduces and demonstrates the central concepts and notation used in CORAS, and is largely example-driven. Part II gives a thorough description of the CORAS method and modelling language. After having completed this part of the book, the reader should know enough to use the method in practice. Finally, Part III addresses issues that require special attention and treatment, but still are often encountered in real-life risk analysis and for which CORAS offers helpful advice and assistance. This part also includes a short presentation of the CORAS tool support. The main target groups of the book are IT practitioners and students at graduate or undergraduate level. They will appreciate a concise introduction into the emerging field of risk analysis, supported by a sound methodology, and completed with numerous examples and detailed guidelines.

This book constitutes the thoroughly refereed conference proceedings of the First International Workshop on Risk Assessment and Risk-driven Testing, RISK 2013, held in conjunction with 25th IFIP International Conference on Testing Software and Systems, ICTSS 2013, in Istanbul, Turkey, in November 2013. The revised full papers were carefully reviewed and selected from 13 submissions. The papers are organized in topical sections on risk analysis, risk modeling and risk-based testing.

A mathematical and logical foundation for the specification and development of interactive systems based on a model that describes systems in terms of their input/output behavior. Based on this model, the authors build a basic method, called FOCUS, that enables interactive systems to be described by characterizing their histories of message interaction. The book progresses from an introduction and guided tour of FOCUS through streams, specifications and their properties, and behavioral, interface, and conditional refinements.

The term risk is known from many fields, and we are used to references to contractual risk, economic risk, operational risk, legal risk, security risk, and so forth. We conduct risk analysis, using either offensive or defensive approaches to identify and assess risk. Offensive approaches are concerned with balancing potential gain against risk of investment loss, while defensive approaches are concerned with protecting assets that already exist. In this book, Lund, Solhaug and Stolen focus on defensive risk analysis, and more explicitly on a particular approach called CORAS. CORAS is a model-driven method for defensive risk analysis featuring a tool-supported modelling language specially designed to model risks. Their book serves as an introduction to risk analysis in general, including the central concepts and notions in risk analysis and their relations. The authors' aim is to support risk analysts in conducting structured and stepwise risk analysis. To this end, the book is divided into three main parts. Part I of the book introduces and demonstrates the central concepts and notation used in CORAS, and is largely example-driven. Part II gives a thorough description of the CORAS method and modelling language. After having completed this part of the book, the reader should know enough to use the method in practice. Finally, Part III addresses issues that require special attention and treatment, but still are often encountered in real-life risk analysis and for which CORAS offers helpful advice and assistance. This part also includes a short presentation of the CORAS tool support. The main target groups of the book are IT practitioners and students at graduate or undergraduate level. They will appreciate a concise introduction into the emerging field of risk analysis, supported by a sound methodology, and completed with numerous examples and detailed guidelines.

This book constitutes the refereed proceedings of the 4th International Conference on Trust Management, iTrust 2006. 30 revised full papers and 4 revised short papers are presented together with 1 keynote paper and 7 trust management tool and systems demonstration reports. Besides technical issues in distributed computing and open systems, topics from law, social sciences, business, and philosophy are addressed.

Today's distributed systems are characterized by interactions-often complex-between many different hardware and software components cooperating and exchanging information. To simplify development of interactive systems and facilitate communication and documentation, experts of varying disciplines employ descriptions, or specifications, of a given system's behavior and/or structure. Specification and Development of Interactive Systems offers a unique approach to program and software development suitable for large distributed systems, with an emphasis on modular system development and systems engineering. The authors build a basic method, called FOCUS, that enables interactive systems to be described by characterizing their histories of message interaction. The method covers functional requirements, timing, structure, and implementation issues of systems. In addition, the book describes how to connect the models and techniques to tables and diagram-based methods popular in practical systems engineering. Topics and features: * Specification of interface behavior and modular top-down system development * Specification of time and the modeling of hardware/software systems * Interface refinement and the modeling of development steps leading from one level of abstraction to the next * State transition diagrams and tables and the usage of common description techniques, such as found in UML This book provides a mathematical and logical foundation for the specification and development of interactive systems based on a model that describes systems in terms of their input/output behavior. The reader gains a comprehensive understanding of all fundamental models, techniques, and methods for interactive system design. The book is an essential resource for all researchers and professionals in computer science, software systems engineering and computer engineering.

This book aims to help research practitioners in technology science avoid some of the most common pitfalls or at least make them easier to overcome. Many technology scientists put too little weight on how they conduct their work and should be able to become significantly better at what they do by being more aware of methodological issues. The book differs from other related works in two main respects: First, by focusing on creating, producing, or inventing new artifacts - in other words, technology science. Second, by describing a general approach to technology science linking together specialized research methods. The book consists of 14 chapters. Following the first introductory chapter are two chapters providing the foundation for the rest of the book. These chapters clarify the meaning of key concepts and describe an overall process for technology science. The subsequent chapters 4-11 are about this process. Chapters 4, 5, and 6 concern problem analysis, research planning, and hypothesis formulation. The following five chapters then aim at evaluation. Chapter 7 introduces the concept of prediction, which plays a fundamental role in evaluating hypotheses. Chapters 8-10 address the evaluation of universal, existential, and statistical hypotheses. Chapter 11 concerns quality assurance and introduces the concepts of validity and reliability. Next, in chapters 12 and 13, we address publishing with an emphasis on the specifics of technology science. Eventually the last chapter, chapter 14, briefly introduces the philosophy of science. The book systematically collects in the form of suggestions, recommendations, and guidelines the author's 35-year experience as a researcher, author and reviewer in technology science. It is written for anyone working in technology science, from master's students to researchers and supervisors.

This book provides a brief and general introduction to cybersecurity and cyber-risk assessment. Not limited to a specific approach or technique, its focus is highly pragmatic and is based on established international standards (including ISO 31000) as well as industrial best practices. It explains how cyber-risk assessment should be conducted, which techniques should be used when, what the typical challenges and problems are, and how they should be addressed. The content is divided into three parts. First, part I provides a conceptual introduction to the topic of risk management in general and to cybersecurity and cyber-risk management in particular. Next, part II presents the main stages of cyber-risk assessment from context establishment to risk treatment and acceptance, each illustrated by a running example. Finally, part III details four important challenges and how to reasonably deal with them in practice: risk measurement, risk scales, uncertainty, and low-frequency risks with high consequence. The target audience is mainly practitioners and students who are interested in the fundamentals and basic principles and techniques of security risk assessment, as well as lecturers seeking teaching material. The book provides an overview of the cyber-risk assessment process, the tasks involved, and how to complete them in practice.