Logo PTI
Polish Information Processing Society
Logo FedCSIS

Annals of Computer Science and Information Systems, Volume 5

Proceedings of the 2015 Federated Conference on Computer Science and Information Systems

Software Risk Assessment for Measuring Instruments in Legal Metrology

,

DOI: http://dx.doi.org/10.15439/2015F127

Citation: Proceedings of the 2015 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 5, pages 11131123 ()

Full text

Abstract. In Europe, measuring instruments subject to legal control are responsible for an annual turnover of 500 billion Euros and need to pass a conformity assessment with respect to European directives or national legislation before they can be used. Today, measuring instruments are frequently integrated into open networks and even branch into the areas of cloud computing and Internet of Things. Since software is one of the key components of such devices, Germany's national metrology institute, the Physikalisch-Technische Bundesantalt, is developing a method to assess the risks and evaluate current threats associated with software. The method uses the structure of and combines elements from the international ISO/IEC standards 27005 and 15408. It could be helpful for conformity assessment bodies and industry alike and supports the comparability of risk assessment results. Despite its focus on legal metrology, the method is applicable to other areas where software risk assessment is required, too.