Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis
Identifying potential information security risk is a challenging task which is due to modernization and new technologies which introduce possible threats to various type of digital system. Many studies proved that the current risk analysis tools are not able to analyze the threats well. It is a must...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/24697/1/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf http://eprints.utem.edu.my/id/eprint/24697/2/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utem-ep.24697 |
|---|---|
| record_format |
uketd_dc |
| institution |
Universiti Teknikal Malaysia Melaka |
| collection |
UTeM Repository |
| language |
English English |
| topic |
QA Mathematics QA76 Computer software |
| spellingShingle |
QA Mathematics QA76 Computer software Mohd Zabawi, Ahmed Yaser Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| description |
Identifying potential information security risk is a challenging task which is due to modernization and new technologies which introduce possible threats to various type of digital system. Many studies proved that the current risk analysis tools are not able to analyze the threats well. It is a must for an organization to choose the suitable methods for better analysis. There are four key elements that need to be considered which are security threats, business impact, security measures and their cost. There are many existing risk analysis tools that were developed such as ISRAM and CORAS that have same purpose, which is to reduce the risk of causing a threat, however these tools used different approach to analyses the risk. The main focus of this study is to develop a new risk analysis tool based on hybrid approach and compare it with the existing tool. The proposed risk analysis tool is known as Cost and Risk Assessment tool (CARA) aims to trace the threats by combining both qualitative and quantitative methods, where both of these methods have their respective advantages for analyzing the information. CARA used Monte Carlo method where it applied probability theory in cost estimation. The results from the study show that the qualitative information could increase the dimension of risk factors and produce better accuracy in the analysis. |
| format |
Thesis |
| qualification_name |
Master of Philosophy (M.Phil.) |
| qualification_level |
Master's degree |
| author |
Mohd Zabawi, Ahmed Yaser |
| author_facet |
Mohd Zabawi, Ahmed Yaser |
| author_sort |
Mohd Zabawi, Ahmed Yaser |
| title |
Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| title_short |
Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| title_full |
Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| title_fullStr |
Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| title_full_unstemmed |
Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis |
| title_sort |
developing cost and risk assessment tool for hybrid approach in information security risk analysis |
| granting_institution |
Universiti Teknikal Malaysia Melaka |
| granting_department |
Faculty of Information and Communication Technology |
| publishDate |
2019 |
| url |
http://eprints.utem.edu.my/id/eprint/24697/1/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf http://eprints.utem.edu.my/id/eprint/24697/2/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf |
| _version_ |
1747834091102797824 |
| spelling |
my-utem-ep.246972021-10-05T11:52:28Z Developing Cost And Risk Assessment Tool For Hybrid Approach In Information Security Risk Analysis 2019 Mohd Zabawi, Ahmed Yaser QA Mathematics QA76 Computer software Identifying potential information security risk is a challenging task which is due to modernization and new technologies which introduce possible threats to various type of digital system. Many studies proved that the current risk analysis tools are not able to analyze the threats well. It is a must for an organization to choose the suitable methods for better analysis. There are four key elements that need to be considered which are security threats, business impact, security measures and their cost. There are many existing risk analysis tools that were developed such as ISRAM and CORAS that have same purpose, which is to reduce the risk of causing a threat, however these tools used different approach to analyses the risk. The main focus of this study is to develop a new risk analysis tool based on hybrid approach and compare it with the existing tool. The proposed risk analysis tool is known as Cost and Risk Assessment tool (CARA) aims to trace the threats by combining both qualitative and quantitative methods, where both of these methods have their respective advantages for analyzing the information. CARA used Monte Carlo method where it applied probability theory in cost estimation. The results from the study show that the qualitative information could increase the dimension of risk factors and produce better accuracy in the analysis. 2019 Thesis http://eprints.utem.edu.my/id/eprint/24697/ http://eprints.utem.edu.my/id/eprint/24697/1/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf text en public http://eprints.utem.edu.my/id/eprint/24697/2/Developing%20Cost%20And%20Risk%20Assessment%20Tool%20For%20Hybrid%20Approach%20In%20Information%20Security%20Risk%20Analysis.pdf text en validuser https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=116960 mphil masters Universiti Teknikal Malaysia Melaka Faculty of Information and Communication Technology 1. Abdul Rahman, A. A., 2013. Approach for Integrating Predictive-Reactive Job Shop Scheduling with PLC-Controlled Material Flow. Technischen Universitat Berlin. 2. An, K., Trewyn, A., Gokhale, A. and Sastry, S., 2011. Model-Driven Performance Analysis Of Reconfigurable Conveyor Systems Used In Material Handling Applications. Proceedings of the 2011 IEEE/ACM Second International Conference on Cyber-Physical Systems, pp. 141-150. 3. Assaf, R. and Haddad, T., 2017. An Application of Single Minute Exchange of Die Approach in an Aluminium Profiles Extrusion Production System : Case Study. International Journal of Scientific Research and Innovative Technology, 4/7, pp. 14-22. 4. Batka, J., 2011. What to Look for in a Modular, Reconfigurable Conveyor System [Online]. Available at: http://www.ptonline.com/articles/what-to-look-for-ina-modular-reconfigurable-conveyor-system (Accessed: 20 April 2016). 5. Baver, L., Shafique, M. and Henkel, J., 2011. Concepts, Architectures and Runtime Systems for Efficient and Adaptive Reconfigurable Processors. Proceedings of the NASA/ESA 6th Conference on Adaptive Hardware and Systems (AHS), San Diego, USA, pp. 80 – 87. 6. Bela G. L., 2006. Instrument Engineers' Handbook, Fourth Edition, Volume Two: Process Control and Optimization, Taylor & Francis Group, New York. 7. Bolton, W., 2006. Ladder and Functional Block Programming [Online]. Available at: https://booksite.elsevier.com/9781856176217/appendices/01~Ch11.pdf (Accessed: 19 May 2016). 8. Components, RS., 2015. Automation and Control Gear – Omron [Online]. Available at: https://my.rs-online.com/web/c/automation-control-gear/?intcmp=MY-WEB-_-HP-TC1-_-201711-_-automation_control_gear (Accessed: 9 May 2016). 9. Corporation, D. C., 2010. Reconfigurable Modular Conveyors_ Equipment that Unites Controllers and Engineers [Online]. Available at: https://www.ptonline.com/articles/what-to-look-for-in-a-modular-reconfigurable-conveyor-system (Accessed: 9 June 2016). 10. Dave, Y and Sohani, N., 2012. Single Minute Exchange of Dies: Literature Review. International Journal of Lean Thinking, 3/2, pp. 27-37. 11. Dematic, 2014. Conveyor Systems-Cost-Effective Conveyor Systems that Give Years of Reliable Service [Online]. Available at: http://www.dematic.com/en/Supply-Chain-Solutions/By-Technology/Conveyor-Systems (Accessed: 16 June 2016). 12. Deshpande, V. A., 2007. MOST – The Most Advanced Work Measurement Technique. Journal of Engineering and Technology, 20, pp. 109-113. 13. ElMaraghy, H. and Wiendahl, H. P., 2009. Changeable and Reconfigurable Manufacturing Systems: Chapter 1 - Changeability. Springer Series in Advanced Manufacturing. Springer-Verlag, London. 14. Feldmann, K., Weber, M. and Wolf, W., 2007. Design of a Theoretical Holistic System Model as base of Construction Kits for Building Plug & Produce-able Modular Production Systems. Journal of Production Engineering – Research and Development, 1 (3), pp. 329-336. 15. Heisel, U. and Meitzner, M., 2006. Progress in Reconfigurable Manufacturing Systems. In: Dashchenko A.I. (eds) Reconfigurable Manufacturing Systems and Transformable Factories. Springer-Verlag, Berlin, Heidelberg. 16. Herakovic, N., 2007. Computer and Machine Vision in Robot-Based Assembly. Strojniški vestnik - Journal of Mechanical Engineering, 53(12), pp. 858-873. 17. Interroll Automation GmbH, 2014. Catalog Conveyor Modules [Online]. Available at: https://www.uvotec.eu/sites/uvo.be/files/product_attachments/interroll_cata_conveyor_modules_en_09092014.pdf (Accessed: 25 July 2016). 18. Indrawati, S., Pratiwi, M. E., Sunaryo and Azzam, A., 2018. The effectiveness of single minute exchange of dies for lean changeover process in printing industries. Proceedings of MATEC Web Conference, the Second International Conference on Engineering and Technology for Sustainable Development, 154, pp. 1-5. 19. Itoh Denki, Corp., 2014. Moteur de vos performance: Power Moller 24DC [Online]. Available at: http://itohdenki.com/power-moller-plus (Accessed: 3 July 2016). 20. Joshi, R. R. and Naik, G. R., 2012. Application of SMED methodology–a case study in small scale industry. International Journal of Scientific and Research Publications, 2(8), pp. 1-4. 21. Kalo, R. K., 2011. Design Of Reconfigurable Manufacturing System. Journal Advance Manufacturing Technology. National Institute of Technology Rourkela, pp. 130-141. 22. Karim, A. N. M., Emrul Kays, H. M., Amin, A. K. M. N. and Hasan, M. H., 2014. Improvement of Workflow and Productivity through Application of Maynard Operation Sequence Technique (MOST). Proceedings of the 2014 International Conference on Industrial Engineering and Operations Management, pp. 2163-2171. 23. Kim, J. W., Kang, K. K. and Lee, J. H., 2014. Survey On Automated LEGO Assembly Construction. Proceedings of the WSCG 2014 – Conference on Computer Graphics, Visualization and Computer Vision, pp. 89-96. 24. Koren, Y. and Shpitalni, M., 2010. Design of Reconfigurable Manufacturing Systems. Journal of Manufacturing Systems, 29(4), pp 130–141. 25. Kramer, J. and Magee, J., 1985. Dynamic Configuration For Distributed System, IEEE Transactions on Software Engineering, SE-11(4), pp. 424-435. 26. Kumar, V. And Bajaj. A., 2015. The Implementation of Single Minute Exchange of Die with 5’S in Machining Processes for Reduction of Setup Time. International Journal on 27. Recent Technologies in Mechanical and Electrical Engineering (IJRMEE), 2 (2), pp. 32-39. 28. Lasrado, V. and Nazzal, D., 2011. Design of a Manufacturing Facility Layout with a Closed Loop Conveyor with Shortcuts Using Queueing Theory and Genetic Algorithms. Proceedings of the IEEE Simulation Conference – WSC, pp. 1959-1970. 29. Makinde, O. A., K. Mpofu, and Popoola, A. P. I., 2014. Review of the Status of Reconfigurable Manufacturing Systems (RMS) Application in South Africa Mining Machinery Industries. Proceeding of the Procedia CIRP, 17, pp. 136 – 141. 30. Mishra, A., Agnihotri, V. And Mahindru D. V., 2014. Application of Maynard Operation Sequence Technique (M.O.S.T) at Tata Motors and Adithya Automotive Application Pvt Ltd. Lucknow for Enhancement of Productivity-A Case Study. Global Journal of Researches in Engineering: B Automotive Engineering, 14(2), pp. 1-8. 31. Muskegon, M., 2014. DynaCon Modular Conveyor Systems Help Compostable Plastics Molder Achieve Rapid Growth [Online]. Available at: https://www.plasticsnet.com/doc/dynacon-modular-conveyor-plastics-molder-achieve-rapid-growth-0001 (Accessed: 22 September 2016). 32. Nazzal, D. and El-Nashar, A., 2007. Survey of Research in Modeling Conveyor-Based Automated Material Handling Systems in Wafer Fabs. Proceedings of The Winter Simulation Conference, pp. 1781–1788. 33. NIOSH., 2006. Ergonomic Guidelines for Manual Material Handling [Online]. Available at: https://ohsonline.com/articles/2007/04/niosh-offers-ergonomic-guidelines-for-manual-material-handling.aspx?m=1 (Accessed: 15 September 2016). 34. OECD, 2015. Industrial Production (Indicator) [Online]. Available at: https:// data.oecd.org/industry/industrial-production.html (Accessed: 13 Mac 2016). 35. PISA, C., 2013. PISA – Flexible Assembly Systems through Workplace-Sharing and Time-Sharing Human-Machine Cooperation. Funded European Integrated Project [Online]. Available at: https://www.mf.tuberlin.de/menue/forschung_und_industrie/abgeschlossene_ projekte/pisa_flexible_assembly_systems/ (Accessed: 11 October 2016). 36. Pritschow, G., Altintas, Y., Jvane, F., Koren, Y., Mitsuishi, M., Takata, S., Van Brussel, H., Weck, M. and Yamazaki, K., 2001. Open Controller Architecture – Past, Present and Future. CIRP Annals – Manufacturing Technology, 50(2), pp. 463-470. 37. Pritschow, G., Wurst, K-H., Kircher, C. and Seyfarth, M., 2012. Changeable and Reconfigurable Manufacturing Systems, Springer, London, pp. 97–99. 38. Rahman, M. S., Karim, R., Mollah, J. and Miah, S., 2018. Implementation of Maynard Operation Sequence Technique (MOST) to Improve Productivity and Workflow – A Case Study. Journal of Emerging Technologies and Innovative Research (JETIR), 5(6), pp. 270-274. 39. Raymond A.K., 1985. Materials Handling Handbook, John Wiley & Sons, Inc., 2nd Edition, Canada. 40. Remstar, K., 2014. Importance of Good Materials Handling-Warehouse Management System [Online]. Available at: https://www.kardexremstar.com/us/materials-handling-storage-solutions.html (Accessed: 11 August 2016). 41. Siemen AG., 2015. STEP7 MicroWin para S7-200 - Industria – Siemens [Online]. Available at: https://w3.siemens.com/mcms/simatic-controller-software/en/step7/step7-micro-win/pages/default.aspx (Accessed: 6 February 2016). 42. Siemens AG., 2008. SIMATIC S7-200 [Online]. Available at: https://cache.industry.siemens.com/dl/files/582/1109582/att_22063/v1/s7200_system_manual_en-US.pdf (Accessed: 5 February 2016). 43. Siemen AG., 2007. System Manual S7-200 [Online]. Available at: https://cache.industry.siemens.com/dl/files/582/1109582/att_22063/v1/s7200_system_manual_en-US.pdf (Accessed: 6 February 2016). 44. Siemens AG., 2006. Sinumerik 840d sl sinamics 5120 [Online]. Available at: https://support.industry.siemens.com/cs/document/109760821/sinumerik-840d-sl-sinamics-s120-machine-data-and-parameters?dti=0&lc=en-WW (Accessed: 10 February 2016). 45. Ten Hompel, M. and Schmidt, T., 2008. Warehouse Management : Automation and Organisation of Warehiuse and Order Picking Systems. Springer Verlag, Berlin, Heidelberg, New York. 46. UNIDO 2016. World Manufacturing Production: Statistics for Quarter II, 2016. International Yearbook of Industrial Statistics. United Nations Industrial Development Organization. 47. UNIDO 2015. World Manufacturing Production: Statistics for Quarter II, 2015. International Yearbook of Industrial Statistics. United Nations Industrial Development Organization. 48. VDMA 15276, 1994. Datenschnittstellen in Materialflusssystemen, Beuth Verlag, Berlin. 49. Wentzel, M. and Mueck, B., 2012. Conveyor with Dynamic Logical Queuing [Online]. Available at: https://patents.google.com/patent/US20120185085 (Accessed: 12 Mac 2016). 50. Wiendahl, H. P., ElMaraghy, H. A., Nyhuis, P., Zäh, M. F., Wiendahl, H. H., Duffie, N. and Brieke, M., 2007. Changeable Manufacturing - Classification, Design and Operation. CIRP Annals - Manufacturing Technology, 56(2), pp.783–809. 51. Yang, G., 2007. Life Cycle Reliability Engineering. John Wiley & Sons, Inc, Canada. 52. Yilmaz, E. and Katrancioglu, S., 2011. Designing Programmable Logic Controller (PLC) Experiment Set with Internal Experiment Blocks. Procedings of The Social and Behavioral Sciences, 28, pp. 494–498. 53. Zelenovic D., 2009. Design of Production Systems, Faculty of Technical Sciences, Novi Sad, Serbia. 54. Zhou, M., Wan, H., Wang, R., Song, X., Su, C., Gu, M. and Sun, J., 2013. Formal Component-Based Modeling and Synthesis For PLC Systems. Journal of Computers in Industry, 64(8), pp. 1022–1034. |