Comparison of STS and ArchiMate Risk and Security Overlay
Name
Artem Zaitsev
Abstract
Nowadays ArchiMate is widely used in enterprise architecture modelling of the various business domains and briefly could be described as something in between UML and BPMN with main focus in architectural perspective. STS in its turn is focusing on socio-technical perspective and taking into consideration social interactions betwen actors. Current state of the art is talking about Secure Socio-Technical Systems and ArchiMate separately. This is perfectly fine because this two approaches are quite different. Still, they have a lot in common. Based on the state described above problem could be identified as an absence of tools or approaches which will combine these two approaches into a new one, which will take into consideration both architectural and socio-technical perspectives of modelling. This combination could be beneficial because ArchiMate risk and security overlay models risk management and STS models how actors involved in this system interact with each other from social point of view and highlights “human factor” in security. Thus, combination of them could potentially result in security modelling approach which will cover both architecture and social points of view. Ideally, this approach will create some workarounds over weak places in both initial approaches and heavily use their best parts. We will also validate this approach in terms of completeness with respect to ISSRM. In this paper we will describe this combined approach.
Graduation Thesis language
English
Graduation Thesis type
Master - Software Engineering
Supervisor(s)
Raimundas Matulevičius
Defence year
2018