Your search keyword '"Johnson, Pontus"' showing total 17 results

1. An Attack Simulation Language for the IT Domain

Author

Katsikeas, Sotirios, Hacks, Simon, Johnson, Pontus, Ekstedt, Mathias, Lagerström, Robert, Jacobsson, J., Wällstedt, B., Eliasson, P., Katsikeas, Sotirios, Hacks, Simon, Johnson, Pontus, Ekstedt, Mathias, Lagerström, Robert, Jacobsson, J., Wällstedt, B., and Eliasson, P.

Abstract

Cyber-attacks on IT infrastructures can have disastrous consequences for individuals, regions, as well as whole nations. In order to respond to these threats, the cyber security assessment of IT infrastructures can foster a higher degree of security and resilience against cyber-attacks. Therefore, the use of attack simulations based on system architecture models is proposed. To reduce the effort of creating new attack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of the considered domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop DSLs and generate attack graphs for modeled infrastructures. In this article, we propose coreLang as a MAL-based DSL for modeling IT infrastructures and analyzing weaknesses related to known attacks. To model domain-specific attributes, we studied existing cyber-attacks to develop a comprehensive language, which was iteratively verified through a series of brainstorming sessions with domain modelers. Finally, this first version of the language was validated against known cyber-attack scenarios., QC 20210219

Published

2020

2. Empirical assessment of the accuracy of an interoperability prediction language.

Author

Ullberg, Johan and Johnson, Pontus

Subjects

INTERNETWORKING, PREDICTION models, COMPUTER network architectures, SYSTEMS design, COMPUTER systems, SYSTEMS development, INFORMATION resources management

Abstract

Interoperability, defined as the satisfaction of a communication need between two or more actors, is an important aspect in many phases of an enterprise's development. Mastering the field of interoperability is a daunting task so aid in predicting interoperability can be of great benefit. Formalisms capable of such predictions of future information system architectures are however sparse, and when employed, it is essential that the prediction is accurate. In this paper, a previously proposed interoperability modelling and prediction language is subjected to case testing and evaluated toward interoperability predictions made by practitioners and experts in the field. The results show that although there are some areas not currently covered by the framework, in general, it performs better than the intended users, and would thereby provide additional support in various development and design contexts. [ABSTRACT FROM AUTHOR]

Published

2017

3. Business Model Risk Analysis: Predicting the Probability of Business Network Profitability.

Author

Johnson, Pontus, Iacob, Maria Eugenia, Välja, Margus, van Sinderen, Marten, Magnusson, Christer, and Ladhe, Tobias

Published

2013

4. P2AMF: Predictive, Probabilistic Architecture Modeling Framework.

Author

Johnson, Pontus, Ullberg, Johan, Buschle, Markus, Franke, Ulrik, and Shahzad, Khurram

Published

2013

5. Predicting Interoperability in an Environmental Assurance System.

Author

Ullberg, Johan and Johnson, Pontus

Published

2012

6. A Tool for Interoperability Analysis of Enterprise Architecture Models using Pi-OCL.

Author

Ullberg, Johan, Franke, Ulrik, Buschle, Markus, and Johnson, Pontus

Abstract

Decision-making on enterprise-wide information system issues can be furthered by the use of models as advocated by the discipline of enterprise architecture. In order to provide decision-making support, enterprise architecture models should be amenable to analyses. This paper presents a software tool, currently under development, for interoperability analysis of enterprise architecture models. In particular, the ability to query models for structural information is the main focus of the paper. Both the tool architecture and its usage is described and exemplified. [ABSTRACT FROM AUTHOR]

Published

2010

7. Quantifying IT Impacts on Organizational Structure and Business Value with Extended Influence Diagrams.

Author

Gustafsson, Pia, Franke, Ulrik, Höök, David, and Johnson, Pontus

Published

2008

8. The IT Organization Modeling and Assessment Tool for IT Governance Decision Support.

Author

Simonsson, Mårten, Johnson, Pontus, and Ekstedt, Mathias

Abstract

This short paper describes the IT Organization Modeling and Assessment Tool (ITOMAT) and how it can be used for IT governance decision making support. ITOMAT consists of an enterprise architecture metamodel that describes IT organizations. ITOMAT further contains a Bayesian network for making predictions on how changes to IT organization models will affect the IT governance performance as perceived by business stakeholders. In order to make such predictions accurately, the network learns from data on previous experience. Case studies at 35 companies have been utilized for calibration of the network. [ABSTRACT FROM AUTHOR]

Published

2008

9. Formalizing Analysis of Enterprise Architecture.

Author

Doumeingts, Guy, Müller, Jörg, Morel, Gérard, Vallespir, Bruno, Johnson, Pontus, Nordström, Lars, and Lagerström, Robert

Published

2007

10. An architecture modeling framework for probabilistic prediction.

Author

Johnson, Pontus, Ullberg, Johan, Buschle, Markus, Franke, Ulrik, and Shahzad, Khurram

Subjects

PROBABILISTIC inference, UNIFIED modeling language, PROGRAMMING languages, COMPUTER architecture, ARCHITECTURE Analysis & Design Language

Abstract

In the design phase of business and IT system development, it is desirable to predict the properties of the system-to-be. A number of formalisms to assess qualities such as performance, reliability and security have therefore previously been proposed. However, existing prediction systems do not allow the modeler to express uncertainty with respect to the design of the considered system. Yet, in contemporary business, the high rate of change in the environment leads to uncertainties about present and future characteristics of the system, so significant that ignoring them becomes problematic. In this paper, we propose a formalism, the Predictive, Probabilistic Architecture Modeling Framework (PAMF), capable of advanced and probabilistically sound reasoning about business and IT architecture models, given in the form of Unified Modeling Language class and object diagrams. The proposed formalism is based on the Object Constraint Language (OCL). To OCL, PAMF adds a probabilistic inference mechanism. The paper introduces PAMF, describes its use for system property prediction and assessment and proposes an algorithm for probabilistic inference. [ABSTRACT FROM AUTHOR]

Published

2014

11. A method for predicting the probability of business network profitability.

Author

Johnson, Pontus, Iacob, Maria, Välja, Margus, Sinderen, Marten, Magnusson, Christer, and Ladhe, Tobias

Subjects

PROFITABILITY, BUSINESS networks, STRATEGIC alliances (Business), CORPORATE profits, FINANCIAL risk

Abstract

In the design phase of business collaboration, it is desirable to be able to predict the profitability of the business-to-be. Therefore, techniques to assess qualities such as costs, revenues, risks, and profitability have been previously proposed. However, they do not allow the modeler to properly manage uncertainty with respect to the design of the considered business collaboration. In many real collaboration projects today, uncertainty regarding the business' present or future characteristics is so significant that ignoring it becomes problematic. In this paper, we propose an approach based on the predictive, probabilistic architecture modeling framework (PAMF), capable of advanced and probabilistically sound reasoning about profitability risks. The PAMF-based approach for profitability risk prediction is also based on the e-value modeling language and on the object constraint language. The paper introduces the prediction and modeling approach, and a supporting software tool. The use of the approach is illustrated by means of a case study originated from the Stockholm Royal Seaport smart city project. [ABSTRACT FROM AUTHOR]

Published

2014

12. An architecture framework for enterprise IT service availability analysis.

Author

Franke, Ulrik, Johnson, Pontus, and König, Johan

Subjects

*SYSTEMS availability, *MODEL-driven software architecture, *FAULT trees (Reliability engineering), *INFORMATION technology, *SOFTWARE frameworks, *SOFTWARE engineering

Abstract

This paper presents an integrated enterprise architecture framework for qualitative and quantitative modeling and assessment of enterprise IT service availability. While most previous work has either focused on formal availability methods such as fault trees or qualitative methods such as maturity models, this framework offers a combination. First, a modeling and assessment framework is described. In addition to metamodel classes, relationships and attributes suitable for availability modeling, the framework also features a formal computational model written in a probabilistic version of the object constraint language. The model is based on 14 systemic factors impacting service availability and also accounts for the structural features of the service architecture. Second, the framework is empirically tested in nine enterprise information system case studies. Based on an initial availability baseline and the annual evolution of the 14 factors of the model, annual availability predictions are made and compared with the actual outcomes as reported in SLA reports and system logs. The practical usefulness of the method is discussed based on the outcomes of a workshop conducted with the participating enterprises, and some directions for future research are offered. [ABSTRACT FROM AUTHOR]

Published

2014

13. Availability of enterprise IT systems: an expert-based Bayesian framework.

Author

Franke, Ulrik, Johnson, Pontus, König, Johan, and Marcks von Würtemberg, Liv

Subjects

COMPUTER software quality control standards, SOURCE code, COMPUTER networks in business enterprises, INFORMATION technology, BAYESIAN analysis, DECISION making, STOCK exchanges, ELECTRONIC trading of securities

Abstract

Ensuring the availability of enterprise IT systems is a challenging task. The factors that can bring systems down are numerous, and their impact on various system architectures is difficult to predict. At the same time, maintaining high availability is crucial in many applications, ranging from control systems in the electric power grid, over electronic trading systems on the stock market to specialized command and control systems for military and civilian purposes. This paper describes a Bayesian decision support model, designed to help enterprise IT system decision-makers evaluate the consequences of their decisions by analyzing various scenarios. The model is based on expert elicitation from 50 experts on IT systems availability, obtained through an electronic survey. The Bayesian model uses a leaky Noisy-OR method to weigh together the expert opinions on 16 factors affecting systems availability. Using this model, the effect of changes to a system can be estimated beforehand, providing decision support for improvement of enterprise IT systems availability. The Bayesian model thus obtained is then integrated within a standard, reliability block diagram-style, mathematical model for assessing availability on the architecture level. In this model, the IT systems play the role of building blocks. The overall assessment framework thus addresses measures to ensure high availability both on the level of individual systems and on the level of the entire enterprise architecture. Examples are presented to illustrate how the framework can be used by practitioners aiming to ensure high availability. [ABSTRACT FROM AUTHOR]

Published

2012

14. Architecture analysis of enterprise systems modifiability: a metamodel for software change cost estimation.

Author

Lagerström, Robert, Johnson, Pontus, and Ekstedt, Mathias

Subjects

BUSINESS development program administration, SOFTWARE architecture, SOFTWARE productivity, PROBABILITY theory, MODELS & modelmaking

Abstract

Enterprise architecture models can be used in order to increase the general understanding of enterprise systems and specifically to perform various kinds of analysis. The present paper proposes a metamodel for enterprise systems modifiability analysis, i.e. assessing the cost of making changes to enterprise-wide systems. The enterprise architecture metamodel is formalized using probabilistic relational models, which enables the combination of regular entity-relationship modeling aspects with means to perform enterprise architecture analysis. The content of the presented metamodel is validated based on survey and workshop data and its estimation capability is tested with data from 21 software change projects. To illustrate the applicability of the metamodel an instantiated architectural model based on a software change project conducted at a large Nordic transportation company is detailed. [ABSTRACT FROM AUTHOR]

Published

2010

15. Enterprise architecture analysis with extended influence diagrams.

Author

Johnson, Pontus, Lagerström, Robert, Närman, Per, and Simonsson, Mårten

Subjects

ENTERPRISE application integration (Computer systems), INFORMATION resources management, DECISION support systems, DECISION making, FORMAL languages, COMMUNICATION in management

Abstract

The discipline of enterprise architecture advocates the use of models to support decision-making on enterprise-wide information system issues. In order to provide such support, enterprise architecture models should be amenable to analyses of various properties, as e.g. the level of enterprise information security. This paper proposes the use of a formal language to support such analysis. Such a language needs to be able to represent causal relations between, and definitions of, various concepts as well as uncertainty with respect to both concepts and relations. To support decision making properly, the language must also allow the representation of goals and decision alternatives. This paper evaluates a number of languages with respect to these requirements, and selects influence diagrams for further consideration. The influence diagrams are then extended to fully satisfy the requirements. The syntax and semantics of the extended influence diagrams are detailed in the paper, and their use is demonstrated in an example. [ABSTRACT FROM AUTHOR]

Published

2007

16. A survey on CIO concerns-do enterprise architecture frameworks support them?

Author

Lindström, Åsa, Johnson, Pontus, Johansson, Erik, Ekstedt, Mathias, and Simonsson, Mårten

Subjects

INFORMATION architecture, INFORMATION science, CHIEF information officers, INFORMATION resources management, BUSINESS enterprises

Abstract

The challenge of IT management is today considerable. In industry, the organizational role of the Chief Information Officer (CIO) has been promoted as the owner of these challenges. In spite of a general acceptance of the problems associated with the responsibilities of the CIO, very little academic research has been conducted on the issues and constraints of this role. In order to address these shortcomings, this article presents the results of a survey in which Swedish CIOs have prioritized their most important concerns. In academia, a response to the IT system management challenges has presented itself in the discipline of Enterprise Architecture. The article argues that the CIO role is the primary stakeholder of Enterprise Architecture, so his/her need for decision support should guide Enterprise Architecture research and framework development. Therefore, the article presents a brief review over how well two existing Enterprise Architecture frameworks address the surveyed concerns of the CIO. Results from the survey indicate that the three highest prioritized concerns of CIOs are to decrease the cost related to the business organization, to improve the quality of the interplay between the IT organization and the business organization and to provide new computer-aided support to the business organization. The comparison between the CIOs' prioritization and the foci of the frameworks shows some discrepancies. The largest disharmony lies in the lack of decision support for issues related to the IT organization. Furthermore, support for explicitly estimating and managing costs is lacking within the frameworks. [ABSTRACT FROM AUTHOR]

Published

2006

17. Introduction: Third Workshop on Trends in Enterprise Architecture Research (TEAR 2008).

Author

Aier, Stephan, Johnson, Pontus, and Schelp, Joachim

Abstract

The field of enterprise architecture attracted the attention of the research community for the first time when Zachman introduced the Framework for Information Systems Architecture in 1987. However, it was not until 1996 that enterprise architecture emerged as an active field of business activity and research. Enterprise architecture (EA) is important because organizations need to adapt with increasing speeed to changing customer requirements and business goals. This need influences the entire chain of activities of an enterprise, from business processes to IT support. To keep the enterprise architecture coherent and aligned with business goals, the relations between the different architectures must be clearly defined and consistent. [ABSTRACT FROM AUTHOR]

Published

2009