User Tools
catalogues-rome-2014
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
catalogues-rome-2014 [2017/02/28 12:17] katsiaryna.labunets@unitn.it [Method and Catalogues] |
catalogues-rome-2014 [2021/01/29 10:58] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals ====== | ====== The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals ====== | ||
| - | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2014-rome-deepblue:gramatica-etal-refsq2015.pdf|REFSQ 2015}}. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. | + | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2014-rome-deepblue:gramatica-etal-refsq2015.pdf|REFSQ2015}}. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. |
| ===== Goals ===== | ===== Goals ===== | ||
| Line 14: | Line 14: | ||
| To conduct security risk assessment the groups used SESAR ATM Security Risk Assessment Method (SecRAM). As an instance of domain-specific catalogues we used the security catalogue developed by EUROCONTROL which come with SecRAM method. As an instance of domain-general catalogues we chose the threats and security controls catalogues of the [[https://www.bsi.bund.de/EN/Topics/ITGrundschutz/ITGrundschutzCatalogues/itgrundschutzcatalogues_node.html|BSI IT-Grundschutz standard]]. | To conduct security risk assessment the groups used SESAR ATM Security Risk Assessment Method (SecRAM). As an instance of domain-specific catalogues we used the security catalogue developed by EUROCONTROL which come with SecRAM method. As an instance of domain-general catalogues we chose the threats and security controls catalogues of the [[https://www.bsi.bund.de/EN/Topics/ITGrundschutz/ITGrundschutzCatalogues/itgrundschutzcatalogues_node.html|BSI IT-Grundschutz standard]]. | ||
| - | **The materials related to SecRAM method and EUROCONTROL EATM catalogues are confidential and available upon request.** | + | **The materials related to SecRAM method and EUROCONTROL EATM catalogues are confidential.** |
| ==== Application Scenario ==== | ==== Application Scenario ==== | ||
catalogues-rome-2014.1488280669.txt.gz ยท Last modified: 2021/01/29 10:58 (external edit)
Page Tools
