Saved in:
Bibliographic Details
Main Author: Shaked, Avi
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2509.16593
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912595951222784
author Shaked, Avi
author_facet Shaked, Avi
contents Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to authoring mistakes and inconsistencies. Computer-aided design approaches can transform security risk assessments into more rigorous and sustainable efforts. This is of value to both industrial practitioners and researchers, who practice security risk assessments to reflect on systems' designs and to contribute to the discipline's state-of-the-art. In this article, we report the application of a model-based security design tool to reproduce a previously reported security assessment. The main contributions are: 1) an independent attempt to reproduce a refereed article describing a real security risk assessment of a system; 2) comparison of a new computer-aided application with a previous non-computer-aided application, based on a published, real-world case study; 3) a showcase for the potential advantages -- for both practitioners and researchers -- of using computer-aided design approaches to analyze reports and to assess systems.
format Preprint
id arxiv_https___arxiv_org_abs_2509_16593
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Reproducing a Security Risk Assessment Using Computer Aided Design
Shaked, Avi
Cryptography and Security
Systems and Control
Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to authoring mistakes and inconsistencies. Computer-aided design approaches can transform security risk assessments into more rigorous and sustainable efforts. This is of value to both industrial practitioners and researchers, who practice security risk assessments to reflect on systems' designs and to contribute to the discipline's state-of-the-art. In this article, we report the application of a model-based security design tool to reproduce a previously reported security assessment. The main contributions are: 1) an independent attempt to reproduce a refereed article describing a real security risk assessment of a system; 2) comparison of a new computer-aided application with a previous non-computer-aided application, based on a published, real-world case study; 3) a showcase for the potential advantages -- for both practitioners and researchers -- of using computer-aided design approaches to analyze reports and to assess systems.
title Reproducing a Security Risk Assessment Using Computer Aided Design
topic Cryptography and Security
Systems and Control
url https://arxiv.org/abs/2509.16593