A graph theory based generic risk assessment framework for internet of things (IoT)

AbstractThe Internet-of-Things (IoT) triggers data protection questions and new types of cyber risks. Cyber risk regulations for the IoT, however, are still in their infancy. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of its IoT cyber security posture. At present, there are no self-assessment methods for quantifying IoT cyber risk posture. It is considered that IoT represent a complex system with too many uncontrollable risk states for quantitative risk assessment. To enable quantitative risk assessment of uncontrollable risk states in complex and coupled IoT systems, a new epistemological equation is designed and tested though comparative and empirical analysis. The comparative analysis is conducted on national digital strategies, followed by an empirical analysis of cyber risk assessment approaches. The results from the analysis present the current and a target state for IoT systems, followed by a transformation roadmap, describing how IoT systems can achieve the target state with a new epistemological analysis model. The new epistemological analysis approach enables the assessment of uncontrollable risk states in complex IoT systems—which begin to resemble artificial intelligence—and can be used for a quantitative self-assessment of IoT cyber risk posture.

Download Full-text

Risk Assessment Framework to Avoid Serial Failure for New Technical Solutions Applied to the Construction of a CLT Structure Resilient to Climate

Buildings ◽

10.3390/buildings11060247 ◽

2021 ◽

Vol 11 (6) ◽

pp. 247

Author(s):

Charlotte Svensson Tengberg ◽

Carl-Eric Hagentoft

Keyword(s):

Risk Assessment ◽

Success Factors ◽

Real Life ◽

Qualitative Assessment ◽

Technical Solution ◽

Functional Requirements ◽

Assessment Framework ◽

Construction Period ◽

Design Build ◽

Technical Solutions

Design-build contractors are challenged with the task of minimizing failure risks when introducing new technical solutions or adapting technical solutions to new conditions, e.g., climate change. They seem to have a disproportional trust in suppliers and their reference cases and might not have adequate resources or methodologies for sufficient evaluation. This creates the potential for serial failures to spread in the construction industry. To mitigate this, it was suggested that a predefined risk assessment framework should be introduced with the aim of providing a prequalification and requirements for the use of the technical solution. The objectives of this paper are to develop a comprehensive risk assessment framework and to explore the framework’s potential to adequately support the design-build contractor’s decisions. The framework uses qualitative assessment, relying on expert workshops and quantitative assessments, with a focus on simulation and probabilities. Tollgates are used to communicate risk assessments to the contractor. The framework is applied to a real-life case study of construction with a CLT-structure for a Swedish design-build contractor, where exposure to precipitation during construction is a key issue. In conclusion, the chosen framework was successful in a design-build contractor context, structuring the process and identifying difficulties in achieving the functional requirements concerning moisture. Three success factors were: documentation and communication, expert involvement, and the use of tollgates. Recommendations to the design-build contractor on construction of CLT structure are to keep construction period short and to use full weather protection on site.

Download Full-text