[SystemSafety] Notions of Risk
Christopher Johnson
Christopher.Johnson at glasgow.ac.uk
Wed Jan 13 12:56:43 CET 2016
Part of the problem also is that your opponents may not share your notions of value or negative utility.
Hence predicting a target is not an objectively defined exercise and this in turn affects the probability
of an attack. Other issues include the barriers to reporting and disclosure that mean we rarely can use
a frequentist approach even in actuarial work.
All the best,
Chris.
________________________________
From: systemsafety-bounces at lists.techfak.uni-bielefeld.de [systemsafety-bounces at lists.techfak.uni-bielefeld.de] on behalf of Martyn Thomas [martyn at thomas-associates.co.uk]
Sent: 13 January 2016 10:28
To: systemsafety at lists.techfak.uni-bielefeld.de
Subject: Re: [SystemSafety] Notions of Risk
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I agree that a frequentist probability approach to security is inappropriate and that uncertainty is a better word. The likelihood that a security vulnerability will be exploited is not stochastic, but it makes good sense to talk about relative likelihoods (if there is a mass escape from your neighbouring prison then it is more likely that someone will try to break into your house).
Martyn
On 13/01/2016 06:12, Peter Bernard Ladkin wrote:
> There is some move to consider safety and security together in engineered systems and as a result
> I have come across - again - various informal notions of risk. I thought it worth while to perform
> a quick (but incomplete) survey of current standards and to try to elucidate the components
> currently thought to go together to constitute risk.
> http://www.abnormaldistribution.org/2016/01/12/risk/
>
> In a nutshell, the project-management idea of risk as the chance that things will go badly wrong
> is on the way out (it's been replaced in ISO/IEC Guide 73). That's something to applaud, in my
> view. But there are often things wrong with the probability/likelihood component of our favored
> notion, and visible suggestions it be generalised into something like a measure of uncertainty.
>
> PBL
>
> Prof. Peter Bernard Ladkin, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany
> Je suis Charlie
> Tel+msg +49 (0)521 880 7319 www.rvs.uni-bielefeld.de<http://www.rvs.uni-bielefeld.de>
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE<mailto:systemsafety at TechFak.Uni-Bielefeld.DE>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBCgAGBQJWlibJAAoJEAev1z3Tv8QLisUIAINbjCBsHXCLFmeWfFdxq+Er
vSbwRYtMvM5ptrv0T3Sgwaq7qQVkj71z/hQzCBt9yfE2IbRZ+/tgJeAj4bbwxcq5
m6yDzTRDQkSPWvMzD2EqHkSHT7RNhaizNk+LtkWt6jFXrdUrliC29yAOakM/v4xj
Bg+2U+Rv8RU7SyhxN/25uhmfzdhA//5nK29SY03mbYSck+xv0/Rfv2eKJceHN6qX
6mbRLXZ5LBvhKSh3SjygKLHLOFxw5t2PP7KFSrau3+IeO8/a9gm8pKMnHd66e4N+
lWKpzc0MJ7figxzBdDa7Ct/xSfRHbwxZ41pM5ZWOeu/aAEXQj3FsYonoiPXfKyE=
=q0+j
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20160113/6bf641d6/attachment.html>
More information about the systemsafety
mailing list