This shows you the differences between two versions of the page.
emfase [2016/03/03 14:12] fabio.massacci@unitn.it [Current Activities] |
emfase [2021/01/29 10:58] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== The EMFASE Project ====== | ||
- | |||
- | EMFASE (//Empirical Framework for Security Design and Economic Trade-Off//) is funded by **SESAR Joint Undertaking** (WPE Call for Tender) and is managed by Eurocontrol. | ||
- | |||
- | ===== Topic ===== | ||
- | |||
- | Evaluation and validation methodologies are integral parts of Air Traffic Management (ATM). They are | ||
- | well understood for safety, environmental and other business cases – for which operational validation | ||
- | guidelines exist which are well defined and widely used. In contrast, the effectiveness of risk | ||
- | assessment practices for security, as well as comparative evaluation of such practices, is largely | ||
- | uncharted territory. We don't know to what degree the practices and their activities provide security | ||
- | and whether or not they give return on investment. Furthermore, we currently don't know how to | ||
- | evaluate or compare security practices; there are no accepted metrics to decide that activity X works | ||
- | better than activity Y in a given setting. This becomes even more true in an uncertain and rapidly | ||
- | changing environment with changing demands by users and changing threats. | ||
- | |||
- | The question is: //How can SESAR stakeholders know that their methods for ensuring security in | ||
- | the complex ATM domain really work? Would additional expensive security analysis and | ||
- | measures be worth the cost?// | ||
- | |||
- | One cannot simply use proven techniques from safety and just replace "safety" with “security”: safety | ||
- | risk analysis assumes a game against Nature (including involuntary human errors), while security | ||
- | risks are a game against Man. Nature might not deliberately trigger two faults; while Man can. On the | ||
- | opposite side, Nature is never running short of budget or motivation, while Man does. | ||
- | The purpose of this project is to provide ways of evaluating and comparing risk assessment methods | ||
- | for security in ATM, especially in relation to human factors. The goal is to provide relevant | ||
- | stakeholders with the means to select the risk assessment methods are best suited for the task at hand, | ||
- | for example security assessment in relation to introduction of a particular new system by taking into | ||
- | account the specific aspect of security. | ||
- | |||
- | The only way to know the actual effectiveness of a risk assessment activity is to empirically investigate | ||
- | it. In this project we will therefore subject risk assessment methods to scientific empirical methods. It | ||
- | is obviously unfeasible to investigate all existing methods, so a selection of methods to investigate will | ||
- | be made. While the project will evaluate this selection of existing methods, the overall framework | ||
- | (concepts, terminology, study designs and metrics) that must be developed to do this evaluation will | ||
- | be of a general nature so as to enable later replications and comparable studies. | ||
- | |||
- | ===== Partners ===== | ||
- | |||
- | University of Trento (Coordinator), SINTEF and DeepBlue. | ||
- | |||
- | ===== Project Internal Information ===== | ||
- | |||
- | Please check [[https://trinity.disi.unitn.it/emfase/|SVN Repository]] (Restricted Access) | ||
- | |||
- | |||
- | |||
- | |||
- | ===== Current Activities ===== | ||
- | |||
- | Below is the list of experiments and related activities. | ||
- | |||
- | |||
- | ==== Criteria identification and validation ==== | ||
- | |||
- | - SESAR Jamboree Nov 2013 | ||
- | * Participants: ATM experts | ||
- | * Feedback: questionnaire, focus group interview | ||
- | |||
- | ==== Experiments ==== | ||
- | - UNITN Security Engineering course 2013-14: | ||
- | * Participants: students around 60 sort of controlled participants | ||
- | * Method: Coras vs Eurocontrol SECRAM (*) | ||
- | * Case Study: SmartGrid | ||
- | * Final result: excel file with threats and controls, presentations, report | ||
- | * Feedback: questionnaire, interview | ||
- | - EIT Winter School 2014: | ||
- | * Participants: students around 20 sort of controlled participants | ||
- | * Method: SESAR SecRAM (*) + [ BSI Catalog vs SECRAM Catalog (*) ] | ||
- | * Case Study: Remotely Operated Tower (*) | ||
- | * Final result: excel file with requirements, hand-drawn poster for result presentation, report | ||
- | * Feedback: questionnaire | ||
- | |||
- | In part (*) means confidential documents are distributed | ||
- | |||
- | ==== Deliverables ==== | ||
- | - {{:projects:emfase:e.02.32_d1.1_selection_of_risk_assessment_methods_object_of_study_00.01.03.pdf|Selection of risk assessment methods object of study}} | ||
- | |||
- | ==== Publications ==== | ||
- | - | ||