Computer systems & information SSR: A unified approach for decision making

Dov Shirtz, Zigmund Bluvb, , Yuval Elovici, Peretz Shoval

2007 Annual Reliability and Maintainability Symposium, 427-433, 2007

Safety, security and reliability (SSR) of complex systems are the three interacting and most important risk related factors. In many cases of failure events, the security function assumes charge, and manages the failure event and its resolution. But does the security function consistently apply the optimal failure resolution methods? This paper proposes that several organizational functions, including information security (IS), should analyze, manage, and resolve each failure case in a coordinated effort, based on the failure classification and prioritization, and then apply appropriate corrective actions (CA). Such coordination may result in applying a CA that is sub-optimal by Security standards, yet optimal from the organization’s perspective. An innovative composite methodology for identifying, prioritizing and selecting failures and incidents for appropriate treatment is suggested. The methodology is based on …