Lowis, LutzHöhn, SebastianGilliot, MaikeAlkassar, AmmarSiekmann, Jörg2019-04-032019-04-032008978-3-88579-222-2https://dl.gi.de/handle/20.500.12116/21499Software vulnerabilities put automated business processes at risk. In service- oriented architectures (SOA), where business processes are implemented as potentially highly complex service compositions, the exploit of a software vulnerability can have far reaching effects on the confidentiality, integrity, and availability of business processes. In this paper, we report on our ongoing work which combines business process models with vulnerability information to automatically determine those effects. This determination is required in the identification phase in risk management.enText/Conference Paper1617-5468