Full Text

Softw Syst Model (2011) 10:553580 DOI 10.1007/s10270-010-0166-8

REGULAR PAPER

Model-based qualitative risk assessment for availability of IT infrastructures

Emmanuele Zambon Sandro Etalle

Roel J. Wieringa Pieter Hartel

Received: 29 June 2009 / Revised: 6 May 2010 / Accepted: 6 June 2010 / Published online: 22 June 2010 The Author(s) 2010. This article is published with open access at Springerlink.com

Abstract For todays organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often offer high guarantees in terms of its availability; in other words, to guarantee business continuity, IT systems can afford very little downtime. Unfortunately, making an assessment of IT availability risks is difcult: incidents affecting the availability of a marginal component of the system may propagate in unexpected ways to other more essential components that functionally depend on them. General-purpose risk assessment (RA) methods do not provide technical solutions to deal with this problem. In this paper we present the qualitative time dependency (QualTD) model and technique, which is meant to be employed together with standard RA methods for the qualitative assessment of availability risks based on the propagation of availability incidents in an IT architecture. The QualTD model is based on our previous quantitative time dependency (TD) model (Zambon et al. in BDIM 07: Second IEEE/IFIP international

Communicated by Prof. Ketil Stlen.

E. Zambon (B) S. Etalle R. J. Wieringa P. Hartel

University of Twente, Enschede, The Netherlands e-mail: [email protected]

S. Etallee-mail: [email protected]

R. J. Wieringae-mail: [email protected]

P. Hartele-mail: [email protected]

S. EtalleTechnical University of Eindhoven, Eindhoven, The Netherlands e-mail: [email protected]

workshop on business-driven IT management. IEEE Computer Society Press, pp 7583, 2007), but provides more exible modelling capabilities for the target of assessment. Furthermore, the previous model required quantitative data which is often too costly to acquire, whereas QualTD applies only qualitative scales, making it more applicable to industrial practice. We validate our model and technique in a real-world case by performing a risk assessment on the authentication and authorisation system of a large multinational company and by evaluating the results with respect to the goals of the stakeholders of the system. We also perform a review of the most popular standard RA methods and discuss which type...