D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Noname manuscript No.<br />
(will be inserted by the editor)<br />
Dealing with Known Unknowns: A Goal-based<br />
Approach for Understanding Complex Systems<br />
Evolution ⋆<br />
Fabio MASSACCI, Le Minh Sang TRAN<br />
Università degli Studi di Trento, I-38100 Trento, Italy<br />
e-mail: surname@disi.unitn.it<br />
The date of receipt and acceptance will be inserted by the editor<br />
Abstract Enterprises must cope with evolution to addresses changing business<br />
objectives, changing regulations and changing threats. In many cases such changes<br />
are not completely unknown: the ongoing discussion of a standard body can show<br />
that 2-3 proposals might emerge, albeit might not be clear which one will finally<br />
win.<br />
In this paper we tackle the fundamental issue of modeling and reasoning about<br />
the future evolution of the business and security goals of an organization in presence<br />
of uncertainty of known outcomes.<br />
This work describes a generic approach explicitly representing goal evolutions<br />
in terms of controllable and observable rules and in which probability estimates<br />
can be validated by a game-theoretic semantics between stakeholders and nature.<br />
In this setting it is important to identify which are the business activities that<br />
must be implemented to guarantee the best chances of success (maximum belief)<br />
or minimize the risk of wasting money (residual risk). We specialize the set-up<br />
for a goal-based language where we provide a graphical language but also efficient<br />
algorithm that allows to reason about the unrolling of probabilities without a<br />
combinatorial explosion.<br />
In order to illustrate the applicability of the approach we discuss a case study<br />
from Air Traffic Management for the deployment of AMAN in air-traffic control<br />
procedures.<br />
⋆<br />
It is an extended and revised version of [38]. It is partly supported by the European<br />
Commission under projects EU-FET-IP-SECURECHANGE, and EU-IP-NESSOS.<br />
We would like to thank F. Paci at the University of Trento, A. Tedeschi, V. Meduri, M.<br />
Felici, S. Pozzi at DBL Srl and the other participants to the ATM validation sessions for<br />
many useful comments. The numbers presented in this paper are only provided as examples<br />
and do not represent in any way the opinion of the experts’ organizations.