Skip to Main content Skip to Navigation
New interface
Conference papers

How IT Infrastructures Break: Better Modeling for Better Risk Management

Benjamin Somers 1, 2, 3 Jean-Christophe Bach 1, 2 Fabien Dagnat 1, 2 
2 Lab-STICC_P4S - Equipe Processes for Safe and Secure Software and Systems
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance : UMR6285
Abstract : IT infrastructures break. Whether it be computer attacks or software, human or hardware failures, IT safety and security risk is present in many technical and organizational domains. Risk management is therefore essential to ensure infrastructure resilience, compliance with legal and contractual requirements and a better knowledge of what causes what. But risk management is hard to automate, sometimes because criteria are subject to human appreciation, sometimes because of an incomplete or wrong knowledge of the infrastructure itself. And this latter factor has become more evident with the advent of modern cloudnative architectures: complex and dynamic infrastructures make risk assessment difficult. In this article, we propose an approach based on infrastructure modeling to help automate the risk assessment process for IT infrastructures. Instead of focusing first on hazard analysis, our approach attempts to consider (most of) such an analysis as a consequence of infrastructure modeling. By deciding to focus on the infrastructure modeling itself and by involving as many of the company's stakeholders as possible in the process, we intend to make risk assessment more collaborative and thorough, by taking advantage of everyone's expertise.
Document type :
Conference papers
Complete list of metadata
Contributor : Jean-Christophe Bach Connect in order to contact the contributor
Submitted on : Thursday, October 6, 2022 - 5:44:35 PM
Last modification on : Friday, October 14, 2022 - 10:26:15 AM


Files produced by the author(s)


  • HAL Id : hal-03801086, version 1


Benjamin Somers, Jean-Christophe Bach, Fabien Dagnat. How IT Infrastructures Break: Better Modeling for Better Risk Management. 17th International Conference on Risks and Security of Internet and Systems ( CRiSIS 2022 )), Dec 2022, Sousse, Tunisia. ⟨hal-03801086⟩



Record views


Files downloads