A major challenge for users and vendors of information and communication technology in Europe and world-wide is to implement security in a way that meets business needs cost-effectively, both in the short term and as enterprise needs expand. In order to meet this challenge, we need to improve the existing methods of identifying and analysing possible threats, and of specifying, designing and implementing security policies. CORAS aims to develop a framework or precise, unambiguous, and efficient risk analysis of security critical systems. This framework will be built upon a selective integration of Risk Analysis techniques and semi-formal Object Oriented Modelling to support the formation, rigorous specification and endorsement of security policies. The framework will be obtained through adapting, refining, extending, and combining methods for risk analysis, semi-formal object oriented modelling, and computerized tools (supporting the above mentioned methods). The integration of risk analysis and semiformal modelling will receive special emphasis. In particular, for each analysis scenario considered:

• What are the relevant system properties?
• How should the relevant system properties be modelled using semiformal methods?
• How do we make optimal use of the resulting semiformal models during risk analysis?
• How do we represent the results from risk analysis (intermediate as well as final results)?
• What are the general rules for maintenance and reuse of such results?
• The CORAS framework will be tested and assessed in two major trials, one within telemedicine and one within e-commerce.