Optimal allocation of software resources: A risk management approach

Pei-yu Chen, Gaurav Kataria, Ramayya Krishnan

Research output: Chapter in Book/Report/Conference proceedingConference contribution


While failure of any node, like a desktop or a server, on a firm's information system is detrimental, simultaneous failure of multiple nodes can result in loss of business continuity. Therefore, business information systems are designed to have some resilience against node failures. Despite these measures, firms face significant loss in productivity when many nodes on their network fail simultaneously either due to a malicious attack that exploits software vulnerabilities or due to design errors. In this paper, we focus on risk of failure due to attacks that exploits known software vulnerabilities. Software vulnerabilities arise from software installed on the nodes of the network. When the same software stack is installed on multiple nodes on the network, software vulnerabilities are shared among them. These shared vulnerabilities when exploited can result in correlated failure of multiple nodes. In this paper, we propose a strategy for optimally allocating M software over N nodes, such that the risk of simultaneous failure is bounded from above by an appropriate threshold. The risk management tool that we are developing can be used in practice by IT managers to actively manage risk of correlated failure.

Original languageEnglish (US)
Title of host publicationWITS 2007 - Proceedings, 17th Annual Workshop on Information Technologies and Systems
PublisherSocial Science Research Network
Number of pages6
StatePublished - 2007
Externally publishedYes
Event17th Workshop on Information Technologies and Systems, WITS 2007 - Montreal, QC, Canada
Duration: Dec 8 2007Dec 9 2007


Other17th Workshop on Information Technologies and Systems, WITS 2007
CityMontreal, QC

ASJC Scopus subject areas

  • Information Systems


Dive into the research topics of 'Optimal allocation of software resources: A risk management approach'. Together they form a unique fingerprint.

Cite this