Issue 7815: The RiskTheme suggests a grouping, but this is different to packaging (uml-qos-ft-ftf) Source: BAE SYSTEMS (Mr. Kevin Dockerill, kevin.dockerill@baesystems.com) Nature: Clarification Severity: Significant Summary: The RiskTheme suggests a grouping, but this is different to packaging. For example, we would define a theme (e.g. user input), but package risks according to a different criteria (e.g. user groups). Following this definition, it seems unnecessary to define RiskTheme as a specialisation of AbstractRisk. A RiskTheme sounds like a theme. It enables the user to categorise risks in some way. Values are held for each risk (frequency and consequence). It may thus be useful to consider having threshold values within the RiskTheme (for Frequency and Consequence). So, a 'user input' theme has a threshold 'low' so that you can run checks to see that all risks of this theme are also low. Resolution: Revised Text: Actions taken: September 30, 2004: received issue March 8, 2006: closed issue Discussion: Risk themes are categorizations of risks without any constraints on the categorization. The reason for this is to have full flexibility in the categorization. The reason for defining RiskTheme as specialization of AbstractRisk is that it sometimes is useful to define treatment relative to risk themes, while insisting that a theme is related to a single asset is too constraining. Risk evaluation criteria are related to abstract risk, but are in general underspecified in the meta model, so they may be defined with full flexibility. Disposition: Closed, no change End of Annotations:===== m: webmaster@omg.org Date: 30 Sep 2004 06:29:38 -0400 To: Subject: Issue/Bug Report -------------------------------------------------------------------------------- Name: Kevin Dockerill Company: BAE SYSTEMS, Warton, Lancs UK mailFrom: Kevin.dockerill@baesystems.com Notification: No Specification: UML Profile for Modeling Quality of Service and Fault Tolerance Characteristics and Mechanisms Section: fig 12.5 FormalNumber: Ptc/2004-06-01 Version: Draft RevisionDate: 7/21/2004 Page: 56 Nature: Clarification Severity: Significant HTTP User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Description The RiskTheme suggests a grouping, but this is different to packaging. For example, we would define a theme (e.g. user input), but package risks according to a different criteria (e.g. user groups). Following this definition, it seems unnecessary to define RiskTheme as a specialisation of AbstractRisk. A RiskTheme sounds like a theme. It enables the user to categorise risks in some way. Values are held for each risk (frequency and consequence). It may thus be useful to consider having threshold values within the RiskTheme (for Frequency and Consequence). So, a 'user input' theme has a threshold 'low' so that you can run checks to see that all risks of this theme are also low.