-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add more uncertainty classification information.
- Loading branch information
Showing
7 changed files
with
40 additions
and
40 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
12 changes: 6 additions & 6 deletions
12
UncertaintySourceArchive/src/model/categories/options/ImpactOnConfidentialityStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
{ | ||
"Direct": { | ||
"name": "Direct", | ||
"description": "Direct impact on confidentiality.", | ||
"exampleText": "Directly affecting personal user data.", | ||
"description": "The uncertainty has a direct impact on the software system's confidentiality.", | ||
"exampleText": "Uncertainty related to the input, processing, or storage of sensitive data like user data.", | ||
"exampleImages": [] | ||
}, | ||
"Indirect": { | ||
"name": "Indirect", | ||
"description": "Impact only in conjunction with contextual factors.", | ||
"exampleText": "Architectural Design Decisions (ADDs), Uncertainties", | ||
"description": "The uncertainty only has an indirect impact on the software system's confidentiality that usually relies on other uncertainties or other contextual factors.", | ||
"exampleText": "Uncertainty related to architectural design decisions, or security measures.", | ||
"exampleImages": [] | ||
}, | ||
"impactNone": { | ||
"name": "None", | ||
"description": "No impact on confidentiality", | ||
"exampleText": "If only publicly available data is affected", | ||
"description": "The uncertainty is expected to have no impact on confidentiality at all.", | ||
"exampleText": "Uncertainty related to handling non-sensitive data or within well-secured system parts.", | ||
"exampleImages": [] | ||
} | ||
} |
12 changes: 6 additions & 6 deletions
12
UncertaintySourceArchive/src/model/categories/options/ManageabilityStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
{ | ||
"Fully": { | ||
"name": "Fully Reducible", | ||
"description": "Reducible", | ||
"exampleText": "By acquiring more knowledge, Comprehensive simulation", | ||
"description": "The uncertainty can be fully resolved with appropriate means that mitigate its potential impact.", | ||
"exampleText": "Acquiring more knowledge, making an informed architectural design decision, or applying comprehensive simulation.", | ||
"exampleImages": [] | ||
}, | ||
"Partially": { | ||
"name": "Partially Reducible", | ||
"description": "At least partially reducible.", | ||
"exampleText": "By applying scenario-based mitigation strategies.", | ||
"description": "The uncertainty is at least partially reducible which reduces the potential impact severity or limits critical outcomes by appropriate mitigation techniques.", | ||
"exampleText": "Applying scenario-based mitigation strategies, or system-wide constraints and policies.", | ||
"exampleImages": [] | ||
}, | ||
"Irreducible": { | ||
"name": "Irreducible", | ||
"description": "Uncertainty cannot be further reduced.", | ||
"exampleText": "Due to its aleatory nature.", | ||
"description": "The uncertainty cannot be further reduced as there is no reasonable way to achieve the required knowledge at this point in time, or at all.", | ||
"exampleText": "Uncertainty with an aleatory nature, that cannot be resolved at all.", | ||
"exampleImages": [] | ||
} | ||
} |
8 changes: 4 additions & 4 deletions
8
UncertaintySourceArchive/src/model/categories/options/ReducibleByAddStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,14 @@ | ||
{ | ||
"Yes": { | ||
"name": "Yes", | ||
"description": "Uncertainty can be reduced by taking an ADD.", | ||
"exampleText": "By designing the system in a way that the impact of the uncertainty is (partially) mitigated.", | ||
"description": "The uncertainty can be reduced by taking an architectural design decision.", | ||
"exampleText": "Uncertainty that can be addressed by designing the system in a way that the impact of the uncertainty is (partially) mitigated.", | ||
"exampleImages": [] | ||
}, | ||
"No": { | ||
"name": "No", | ||
"description": "Uncertainty is not resolvable or treatable by taking an ADD.", | ||
"exampleText": "The behavior of a user with a software system.", | ||
"description": "The uncertainty is not resolvable or treatable by taking an architectural design decision.", | ||
"exampleText": "Uncertainty that is outside the scope of the designed software system, and cannot be properly addressed within the design process, e.g., the behavior of a third-party.", | ||
"exampleImages": [] | ||
} | ||
} |
16 changes: 8 additions & 8 deletions
16
UncertaintySourceArchive/src/model/categories/options/ResolutionTimeStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,26 @@ | ||
{ | ||
"Requirements": { | ||
"name": "Requirements Time", | ||
"description": "As soon as requirements are defined, the uncertainty is resolved.", | ||
"exampleText": "Confidentiality requirements", | ||
"description": "The uncertainty is expected to be resolved as soon as the requirements are defined.", | ||
"exampleText": "Uncertainty related to confidentiality requirements or security policies.", | ||
"exampleImages": [] | ||
}, | ||
"Design": { | ||
"name": "Design Time", | ||
"description": "As soon as the system is designed, the uncertainty is resolved", | ||
"exampleText": "System structure, System Componets", | ||
"description": "The uncertainty is expected to be resolved as soon as the software system is designed.", | ||
"exampleText": "Uncertainty related to architectural design decisions, the system structure, or components.", | ||
"exampleImages": [] | ||
}, | ||
"Realization": { | ||
"name": "Realization Time", | ||
"description": "As soon as the system or parts of it are implemented and deployed, the uncertainty is resolved.", | ||
"exampleText": "Where a software system is deployed and used.", | ||
"description": "The uncertainty is expected to be resolved as soon as the software system or parts of it are implemented and deployed.", | ||
"exampleText": "Uncertainty related to implementation or deployment details.", | ||
"exampleImages": [] | ||
}, | ||
"Runtime": { | ||
"name": "Runtime", | ||
"description": "As knowledge is gained from testing and system operations, the uncertainty is resolved.", | ||
"exampleText": "Monitoring", | ||
"description": "The uncertainty is expected to be resolved as knowledge is gained from testing and system operations, or not at all.", | ||
"exampleText": "Uncertainty related to runtime properties that can be inspected using dynamic analysis, e.g., using monitoring, or profiling.", | ||
"exampleImages": [] | ||
} | ||
} |
12 changes: 6 additions & 6 deletions
12
UncertaintySourceArchive/src/model/categories/options/SeverityOfTheImpactStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
{ | ||
"High": { | ||
"name": "High", | ||
"description": "Total loss of confidentiality, or sensitive data.", | ||
"exampleText": "An admin's password might get leaked", | ||
"description": "The uncertainty can cause a total loss of confidentiality, e.g. due to a data breach.", | ||
"exampleText": "Uncertainty either related to highly sensitive data like certificate or encryption keys, or an admin password or uncertainty related to central security measures like sanitization.", | ||
"exampleImages": [] | ||
}, | ||
"Low": { | ||
"name": "Low", | ||
"description": "Access to restricted information could be obtained but the damage is limited.", | ||
"exampleText": "User input is not validated before being processed by a software system.", | ||
"description": "The uncertainty can cause access to restricted information but the damage is limited.", | ||
"exampleText": "Uncertainty in the input validation that has limited effects due to proper security policies.", | ||
"exampleImages": [] | ||
}, | ||
"severityNone": { | ||
"name": "None", | ||
"description": "No loss of confidentiality expected at all.", | ||
"exampleText": "The user somehow gets access to metadata when interacting with a system.", | ||
"description": "The uncertainty is expected to cause no loss of confidentiality at all.", | ||
"exampleText": "Uncertainty related to parts of a software system that does not deal with sensitive information.", | ||
"exampleImages": [] | ||
} | ||
} |
12 changes: 6 additions & 6 deletions
12
UncertaintySourceArchive/src/model/categories/options/TypeStaticData.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
{ | ||
"Statistical": { | ||
"name": "Statistical Uncertainty", | ||
"description": "Uncertainty describable with statistical means.", | ||
"exampleText": "Stochastic expressions", | ||
"description": "The uncertainty can be described with statistical means, e.g., related to the probability of certain outcomes.", | ||
"exampleText": "Expressing uncertainty using stochastic expressions, or probability distributions.", | ||
"exampleImages": [] | ||
}, | ||
"Scenario": { | ||
"name": "Scenario Uncertainty", | ||
"description": "Distinct scenarios depending on the uncertain outcome, no statistical means", | ||
"exampleText": "Handling different types of input data in a software system.", | ||
"description": "The uncertainty can be described with distinct scenarios but there is a lack of knowledge to apply statistical means.", | ||
"exampleText": "Expressing uncertainty using enumerations of scenarios, e.g., depending on the potential outcome or form.", | ||
"exampleImages": [] | ||
}, | ||
"Recognized": { | ||
"name": "Recognized Ignorance", | ||
"description": "Awareness of the uncertainty but no mitigation or description strategy is in place.", | ||
"exampleText": "The trustworthiness of partner companies that are included in the software engineering process.", | ||
"description": "There is awareness of the uncertainty but no knowledge about potential scenarios or lack of a description strategy. This is the most general form of a known unknown.", | ||
"exampleText": "Only collecting potential uncertainty sources without considering their form.", | ||
"exampleImages": [] | ||
} | ||
} |