Rune Fredriksen
Organisation for Economic Co-operation and Development
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by Rune Fredriksen.
international conference on computer safety, reliability, and security | 2004
Bjørn Axel Gran; Rune Fredriksen; Atoosa P-J Thunem
Traditional risk analysis and assessment is based on failure-oriented models of the system. In contrast to this, model-based risk assessment (MBRA) utilizes success-oriented models describing all intended system aspects, including functional, operational and organisational aspects of the target. The target models are then used as input sources for complementary risk analysis and assessment techniques, as well as a basis for the documentation of the assessment results. The EU-funded CORAS project developed a tool-supported methodology for model-based risk analysis of security-critical systems. The methodology has been tried out within the telemedicine and e-commerce areas, and provided through a series of seven trials a sound basis for risk assessments. This paper gives an overview of the results with focus on how the approach can be applied for addressing security aspects in a safety critical application and discusses how the methodology can be applied as a part of a trust case development.
international conference on computer safety reliability and security | 2007
Bjørn Axel Gran; Rune Fredriksen; Atoosa P-J Thunem
Abstract This paper describes how an approach for model-based risk assessment (MBRA) can be applied for addressing different dependability factors in a critical application. Dependability factors, such as availability, reliability, safety and security, are important when assessing the dependability degree of total systems involving digital instrumentation and control (I&C) sub-systems. In order to identify risk sources their roles with regard to intentional system aspects such as system functions, component behaviours and intercommunications must be clarified. Traditional risk assessment is based on fault or risk models of the system. In contrast to this, MBRA utilizes success-oriented models describing all intended system aspects, including functional, operational and organizational aspects of the target. The EU-funded CORAS project developed a tool-supported methodology for the application of MBRA in security-critical systems. The methodology has been tried out within the telemedicine and e-commerce areas, and provided through a series of seven trials a sound basis for risk assessments. In this paper the results from the CORAS project are presented, and it is discussed how the approach for applying MBRA meets the needs of a risk-informed Man–Technology–Organization (MTO) model, and how methodology can be applied as a part of a trust case development.
international conference on computer safety reliability and security | 2002
Rune Fredriksen; Monica Kristiansen; Bjørn Axel Gran; Ketil Stølen; Tom Arthur Opperud; Theodosis Dimitrakos
CORAS is a research and technological development project under the Information Society Technologies (IST) Programme (Commission of the European Communities, Directorate-General Information Society). One of the main objectives of CORAS is to develop a practical framework, exploiting methods for risk analysis, semiformal methods for object-oriented modelling, and computerised tools, for a precise, unambiguous, and efficient risk assessment of security critical systems. This paper presents the CORAS framework and the related conclusions from the CORAS project so far.
Archive | 2003
Ketil Stølen; Folker den Braber; Theo Dimitrakos; Rune Fredriksen; Bjørn Axel Gran; Siv Hilde Houmb; Yannis C. Stamatiou; Jan Øyvind Aagedal
The EU-funded CORAS project (IST-2000–25031) is developing a framework for model-based risk assessment of security-critical systems. This framework is characterised by: (1) A careful integration of techniques and features from partly complementary risk assessment methods. (2) Patterns and methodology for UML oriented modelling targeting the different risk assessment methods. (3) A risk management process based on AS/NZS 4360. (4) A risk documentation framework based on RM-ODP. (5) An integrated risk management and system development process based on UP. (6) A platform for tool-inclusion based on XML. This chapter describes and explains the CORAS approach to model-based risk assessment. The ability to aid risk assessment in a component-based software engineering process receives particular attention. We consider maintenance, composition as well as reuse of risk assessment results.
international conference on computer safety reliability and security | 2005
Terje Sivertsen; Rune Fredriksen; Atoosa P-J Thunem; Jan-Erik Holmberg; Janne Valkonen; Olli Ventä; Jan-Ove Andersson
This paper outlines the main achievements of the TACO project. The overall objective of the TACO project was to improve the knowledge about principles and best practices related to the issues concretised in the TACO preproject. On the basis of experiences in the Nordic countries, the project aimed at identifying the best practices and most important criteria for ensuring effective communication in relation to requirements elicitation and analysis, understandability of requirements to all parties, and traceability of requirements through the different design phases. It is expected that the project will provide important input to the development of guidelines and establishment of recommended practices related to these activities.
Archive | 2004
Atoosa P-J Thunem; Rune Fredriksen; Bjørn Axel Gran
This paper proposes a terminology for information and knowledge retrieval, to be used in the management of knowledge incorporated into the results of a Model-Based Risk Assessment. The terminology is especially applicable when such results are computerised in terms of a tool supporting the MBRA.
Lecture Notes in Computer Science | 2002
Rune Fredriksen; Monica Kristiansen; Bjørn Axel Gran; Ketil Stølen; Tom Arthur Opperud; Theo Dimitrakos
Archive | 2003
Ketil St; Folker den Braber; Theo Dimitrakos; Rune Fredriksen; Axel Gran; Siv-Hilde Houmb; Yannis C. Stamatiou
Archive | 2008
Rune Fredriksen; Vikash Katta; Christian Raspotnig; Janne Valkonen
Archive | 2008
Rune Fredriksen; Vikash Katta; Christian Raspotnig; Janne Valkonen