Change search
ReferencesLink to record
Permanent link

Direct link
Tool Support for Enterprise Architecture Analysis: with application in cyber security
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems. (Industrial Information and Control Systems)ORCID iD: 0000-0003-3750-685X
2014 (English)Doctoral thesis, monograph (Other academic)
Abstract [en]

In today’s companies, business processes and information technology areinterwoven. Old and new systems as well as off-the-shelf products and tailoredsolutions are used. This results in heterogeneous, often complex ITlandscapes. The impact of changes and the affected systems are difficult toidentify. However, volatile business environments and changing customer requestsrequire organizations to adapt quickly and to frequently make decisionsabout the modifications of their information technology.

IT management aims at generating value from the usage of informationtechnology. One frequently used IT management approach is Enterprise Architecture.Company-wide models are used to obtain a holistic picture. Thesemodels are usually created using Enterprise Architecture modeling tools.These tools frequently have strong documentation capabilities. However, theyoften lack advanced analysis functionality. Specifically, such tools do not offersufficient support for the analysis of system properties, such as cyber security,availability or interoperability. The ability to analyze a set of possible scenariosand predict the properties of the modeled systems would be valuablefor decision-making. Changes or extensions could be evaluated before theirimplementation. In other domains, for example, in architecture in its classicalmeaning or in the development of machines, the analysis of models is a commonpractice. Typically, CAD tools are used to perform analysis and supportdecision-making. It is thereby possible to investigate the stability of buildingsor the performance of engines without the need for empirical testing.

The contribution of the research work documented in this thesis is a softwaretool with a particular focus on the analysis of Enterprise Architecturemodels and thereby support for decision-making. This tool combines stateof-the-art Enterprise Architecture tooling with advanced analysis capabilitiesthat, until now, were only offered by modeling tools for other domains. Thepresented tool possesses two components. One component allows the creationof a metamodel capturing Enterprise Architecture analysis theory, for example,relevant concepts in the context of cyber security and how they relateto each other. The other component supports the instantiation of the metamodelinto an Enterprise Architecture model. Once a model is in place, itcan be analyzed with regards to the previously specified theory so that, forinstance, a cyber security evaluation can be conducted.

The analysis tool was partly developed within the context of a larger researchproject on cyber security analysis. However, the tool is not restrictedto applications within this field. It can be used for the evaluation of numeroussystem properties. Several authors contributed to the tool both on an implementationlevel and in the development and design of the tool’s features. Theperformed research followed the Design Science methodology. First, the objectivesof a tool for Enterprise Architecture analysis were defined. Next, anartifact was designed and developed in terms of a software tool. This tool wasthen demonstrated and evaluated against the objectives. Lastly, the resultswere communicated to both academic and non-academic audiences.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology , 2014. , xix, 239 p.
TRITA-EE, ISSN 1653-5146 ; 2014:025
Keyword [en]
Enterprise Architecture, Decision-making, Model-based analysis, Property analysis, Cyber security, Software tool, Design Science
National Category
Information Systems
Research subject
Electrical Engineering
URN: urn:nbn:se:kth:diva-144982ISBN: 978-91-7595-159-1OAI: diva2:715425
Public defence
2014-06-11, F3, Lindstedsvägen 26, KTH, Stockholm, 10:00 (English)

QC 20140523

Available from: 2014-05-23 Created: 2014-05-05 Last updated: 2014-05-23Bibliographically approved

Open Access in DiVA

Thesis(9198 kB)760 downloads
File information
File name FULLTEXT01.pdfFile size 9198 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Buschle, Markus
By organisation
Industrial Information and Control Systems
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 760 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 1398 hits
ReferencesLink to record
Permanent link

Direct link