Abstract
The CORAS security risk modelling language is a customised graphical language for com-
munication, documentation and analysis of security threat and risk scenarios. We present a
textual syntax and a structured semantics for each of the five different types of CORAS di-
agrams, together with step-by-step instructions on how to translate a graphical diagram via
the textual syntax into a readable paragraph of English, using the structured semantics. This
enables users of the CORAS language to easily extract the precise meaning of a given diagram.
The semantics is modular in the sense that the semantics of a diagram can be deduced from
the semantics of its elements and relations.
Oppdragsgiver: n/a
munication, documentation and analysis of security threat and risk scenarios. We present a
textual syntax and a structured semantics for each of the five different types of CORAS di-
agrams, together with step-by-step instructions on how to translate a graphical diagram via
the textual syntax into a readable paragraph of English, using the structured semantics. This
enables users of the CORAS language to easily extract the precise meaning of a given diagram.
The semantics is modular in the sense that the semantics of a diagram can be deduced from
the semantics of its elements and relations.
Oppdragsgiver: n/a
