Impact of Critical Infrastructure Requirements on Service Migration Guidelines to the Cloud

Wagner, Christian; Hudic, Aleksandar; Maksuti, Silia; Tauber, Markus; Pallas, Frank

doi:10.1109/ficloud.2015.79

Cited by 5 publications

(1 citation statement)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To deal with them, as stressed by Aven [24], further research is needed to develop risk assessment procedures tailored for the management of "critical infrastructures", whose vulnerability is related to threats due to human actions that cannot be properly managed using traditional risk assessment approaches, as in the case of security infrastructures and the reliability of IT services [25,26]. It must be noted that also in the latter context, recent cases of failures and malfunctioning have caused significant problems: for example, the fire that seriously damaged Europe's largest cloud services firm, OVHcloud, in 2021 [27], or the outage that occurred in 2021, which involved one of the major Content Delivery Network (CDN) providers [28].…”

Section: Introductionmentioning

confidence: 99%

A Resilience Engineering Approach for the Risk Assessment of IT Services

Fargnoli,

Murgianu

2023

Applied Sciences

View full text Add to dashboard Cite

Nowadays, services related to IT technologies have assumed paramount importance in most sectors, creating complex systems involving different stakeholders. Such systems are subject to unpredictable risks that differ from what is usually expected and cannot be properly managed using traditional risk assessment approaches. Consequently, ensuring their reliability represents a critical task for companies, which need to adopt resilience engineering tools to reduce the occurrence of failures and malfunctions. With this goal in mind, the current study proposes a risk assessment procedure for cloud migration processes that integrates the application of the Functional Resonance Analysis Method (FRAM) with tools aimed at defining specific performance requirements for the suppliers of this service. In particular, the Critical-To-Quality (CTQ) method was used to define the quality drivers of the IT platform customers, while technical standards were applied to define requirements for a security management system, including aspects relevant to the supply chain. Such an approach was verified by means of its application to a real-life case study, which concerns the analysis of the risks inherent to the supply chain related to cloud migration. The results achieved can contribute to augmenting knowledge in the field of IT systems’ risk assessment, providing a base for further research.

show abstract

Section: Introductionmentioning

confidence: 99%