Skip to content
Snippets Groups Projects
Select Git revision
  • 92bdca3e77d88f6e6ce76ad1611298c7c1a43996
  • main default protected
2 results

requirements.txt

Blame
    • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    This project manages its dependencies using pip. Learn more
    requirements.txt 2.28 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29 
    

    

    

    Har komponenter 
Lagt til lokale metrics i hver komponent
1. Må nå lage en global metric liste FERDIG
2. Må lage ER dynamikk liste 
3. Må koble dynamic komponenter til trusselkomponent 



# Thesis problem description 
Problem description:

The thesis aims to innovate in risk modeling through the use of bowtie diagrams and the identification and documentation of dynamic indicators of software supply chain risk.
The goal of the thesis is to research the possibilities of graphical linkage between bow tie risk models and entity relationship diagrams and to develop a method for this linkage.
This is all in an effort to facilitate dynamic risk management for software supply chains.

The thesis proposes a method for linking bow tie risk diagrams and entity relationship diagrams through dynamic indicators. 
The method will use new annotations on bow tie risk models and matrices containing indicators which can be observed for both ER architecture diagrams and bow tie risk models.
To analyze the modeled diagrams and matrices, a analysis tool will be developed to facilitate the analysis and scoring of the modeled risk image. 
The scoring will be based on amount of indicators observed for critical components and their status.

Method formulation and scorecard developement is being done using Technology research. This methodology splits the research into problem definition where a literature mapping was leveraged to understand state of the art. 
The next step is innovation where the method and prototype is developed.
For evaluation the method and tool will be tested on two cases provided by partners.
Preceeding the evaluation a new iteration of technology research will be started to improve the method and tool according to the evaluation.

The focus of the annotation will be on risks and aspects related to software supply chains. 
The method will use specialized Entity relationship components to annotate the bow tie risk models and architecture diagram, this annotation will facilitate linkage between an entity relationship diagram of a software supply chain and the bow tie risk models associated with it. 
All resulting in a method which can help in determine which metrics one should observe to pick up on changes in the risk landscape of the software supply chain facilitating dynamic risk management.