Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments are often tedious and time-consuming, making it hard to maintain a comprehensive overview of potential security issues. In this paper, we propose a novel approach that leverages attack graphs to improve the efficiency and effectiveness of risk assessment. Attack graphs visually represent the attack paths that adversaries can exploit within a system, enabling a systematic exploration of potential vulnerabilities. By extending attack graphs to include countermeasures and consequences, they can be used to carry out the complete risk assessment process. Our method offers a more streamlined and comprehensive analysis of system vulnerabilities, in which changes to the system or its environment can easily be incorporated and the issues posing the highest risk can easily be identified. We demonstrate the effectiveness of our approach through a case study, and its applicability by combining existing risk assessment standards with our method. Our work aims to bridge the gap between risk assessment practices and evolving threat landscapes, offering an improved methodology for managing and mitigating risks in modern computer systems.
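As an added illustration of the idea sketched above (this is not the paper's method; the toy graph, the multiplicative scoring rule and the countermeasure factors are my own simplifying assumptions), the Python below models an attack graph whose steps carry countermeasures and whose leaves carry consequences, ranks the attack paths by risk, and shows how a single system change re-ranks them:

```python
from dataclasses import dataclass, field

# Constructed toy model: the attack graph is a DAG of attack steps ending in
# consequence nodes. Each step has a base likelihood of success; every
# countermeasure attached to a step multiplies that likelihood by a residual
# factor (assumed, 0..1). Path risk = product of step likelihoods x impact.

@dataclass
class Step:
    name: str
    likelihood: float                                    # P(step succeeds)
    successors: list = field(default_factory=list)       # Steps or Consequences
    countermeasures: dict = field(default_factory=dict)  # name -> residual factor

@dataclass
class Consequence:
    name: str
    impact: float                                        # loss if reached

def effective_likelihood(step):
    like = step.likelihood
    for factor in step.countermeasures.values():
        like *= factor
    return like

def enumerate_paths(node, prefix=()):
    """Yield (steps, consequence) for every path from node to a consequence."""
    if isinstance(node, Consequence):
        yield prefix, node
        return
    for nxt in node.successors:
        yield from enumerate_paths(nxt, prefix + (node,))

def rank_risks(entry):
    """Return (risk, path description) tuples, highest risk first."""
    ranked = []
    for steps, cons in enumerate_paths(entry):
        p = 1.0
        for s in steps:
            p *= effective_likelihood(s)
        desc = " -> ".join(s.name for s in steps) + " -> " + cons.name
        ranked.append((round(p * cons.impact, 4), desc))
    return sorted(ranked, reverse=True)

def build_example_graph():
    """Constructed sample graph; returns the entry step and one step to harden."""
    data_loss = Consequence("customer data exposed", impact=100.0)
    outage = Consequence("service outage", impact=40.0)
    web_vuln = Step("exploit web app vulnerability", 0.5, [data_loss])
    dos = Step("resource exhaustion", 0.6, [outage])
    phish = Step("credential phishing", 0.3, [data_loss])
    entry = Step("reach public web app", 0.9, [web_vuln, dos, phish])
    return entry, web_vuln

if __name__ == "__main__":
    entry, web_vuln = build_example_graph()
    print("before:", rank_risks(entry))
    web_vuln.countermeasures["input validation"] = 0.2   # system change
    print("after: ", rank_risks(entry))
```

Adding or removing a countermeasure, a step or a consequence only touches the graph; the ranking is recomputed rather than re-derived by hand.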