Special Issue "Risk Management for Software Intensive Systems"

A special issue of Systems (ISSN 2079-8954).

Deadline for manuscript submissions: 30 June 2018

Special Issue Editors

Guest Editor
Dr. Shareeful Islam

School of Architecture Computing and Engineering (ACE), University of East London, 4-6 University Way, London, E16 2RD, UK
Phone: +442082237273
Interests: Risk Management; Cloud Computing; Requirements Engineering
Guest Editor
Dr. Reza Alavi

Managing Director, Information Security Audit and Control Consultancy Limited (ISACC); Chairman, Information Risk Management and Assurance (IRMA) Specialist Group at the Chartered Institute for IT (BCS); Member, Risk Management Committee (RM/1), British Standards Institution (BSI)
Interests: information security; risk management; GDPR; business continuity; IT governance
Guest Editor
Dr. Michalis Pavlidis

School of Computing, Engineering and Mathematics, University of Brighton
Interests: Security, Trust, Privacy, Software Engineering, Requirements Engineering

Special Issue Information

Dear Colleagues,

Software systems exist in every part of society, from individuals to business. Business is now heavily dependent on such systems to process and manage information. However, systems are becoming more complex, assets within systems are widely dispersed and are liable to continuous change and evolution to support business needs. Due to the complexity of systems and interdependences among computers, communications and various software components, risks are likely to increase. These risks can be sudden and unexpected, and may pose potential damage to businesses.

Risk management is a key discipline for making effective decisions and communicating results within organizations. The purpose of risk management is to identify potential managerial and technical problems before they occur so that actions can be taken to reduce or eliminate the probability and/or impact of these problems, should they occur. Risk, in theory, is the product of the probability of the occurrence of an event and its impacts. However, sometimes it is challenging to determine these values within a domain. Therefore, academics and industries are using their own practices for assessing risks.

The purpose of this Special Issue is to enhance knowledge for both industry and the research community in the area of risk assessment and management practices. Authors are encouraged to submit both theoretical and applied articles, addressing the topics of this Special Issue by offering new approaches, research results, case studies, and best practices. The Guest Editors will select high-quality research to proceed, and reviewers will be selected from among researchers active in the field.

Potential topics include, but are not limited to: 

  • Finding innovative ways to assess and manage risk for software and/or cyber-physical systems
  • Quantitatively and/or qualitatively analyzing and assessing risks
  • Determining appropriate control measures in response to risk assessments
  • Impact of cascading risk scenarios
  • Cyber security risk management
  • Risk-based decision making
  • Evolution of risk
  • Risk perception and communications
  • Modelling and management of risk
  • Risk management processes
  • Case studies

Dr. Shareeful Islam
Dr. Reza Alavi
Dr. Michalis Pavlidis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Systems is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 350 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Risk assessment and management
  • Cyber security risk management
  • Risk control strategy
  • Software system
  • Cascading risk
  • Risk evolution
  • Decision making
  • Risk modeling
  • Case studies

Published Papers

This special issue is now open for submission, see below for planned papers.

Planned Papers

The below list represents only planned manuscripts. Some of these manuscripts have not been received by the Editorial Office yet. Papers submitted to MDPI journals are subject to peer-review.

Title: Asset and Vulnerability assessment for Critical Infrastructure Risk Management

Authors: Kure Halima and Siv Hilde Houmb

Abstract: Risk management is an important aspect for the protection of any Critical Infrastructure. Critical Infrastructure is very vital to the growth of the economy and contains assets that are essential for any organization to function effectively. However, when such assets are negatively impacted by risks, they are likely to have a debilitating impact on organizational functions. Several works in the literature have proposed frameworks and methodologies for identifying assets, quantifying and analyzing vulnerabilities. However, most of this literature has not considered the need for a systematic approach that takes into account critical assets and links them to vulnerabilities. This paper attempts to bridge that gap by presenting a novel approach to risk management for critical infrastructure. It presents a systematic methodology for identifying and analyzing critical assets, their potential vulnerabilities, threats and risks facing critical infrastructure of any organisation. An important contribution of our approach is that it takes into account cascading vulnerability impacts on assets leading to other threats to the critical assets of an organisation.
