Differences

This shows you the differences between two versions of the page.

--- emfase [2016/03/03 15:19]
katsiaryna.labunets@unitn.it [Experiments]
+++ emfase [2021/01/29 10:58]
@@ Line 1: / Line 1: @@
-====== The EMFASE Project ======
-EMFASE (//Empirical Framework for Security Design and Economic Trade-Off//) is funded by **SESAR Joint Undertaking** (WPE Call for Tender) and is managed by Eurocontrol.
-===== Topic =====
-Evaluation and validation methodologies are integral parts of Air Traffic Management (ATM). They are
-well understood for safety, environmental and other business cases – for which operational validation
-guidelines exist which are well defined and widely used. In contrast, the effectiveness of risk
-assessment practices for security, as well as comparative evaluation of such practices, is largely
-uncharted territory. We don't know to what degree the practices and their activities provide security
-and whether or not they give return on investment. Furthermore, we currently don't know how to
-evaluate or compare security practices; there are no accepted metrics to decide that activity X works
-better than activity Y in a given setting. This becomes even more true in an uncertain and rapidly
-changing environment with changing demands by users and changing threats.
-The question is: //How can SESAR stakeholders know that their methods for ensuring security in
-the complex ATM domain really work? Would additional expensive security analysis and
-measures be worth the cost?//
-One cannot simply use proven techniques from safety and just replace "safety" with “security”: safety
-risk analysis assumes a game against Nature (including involuntary human errors), while security
-risks are a game against Man. Nature might not deliberately trigger two faults; while Man can. On the
-opposite side, Nature is never running short of budget or motivation, while Man does.
-The purpose of this project is to provide ways of evaluating and comparing risk assessment methods
-for security in ATM, especially in relation to human factors. The goal is to provide relevant
-stakeholders with the means to select the risk assessment methods are best suited for the task at hand,
-for example security assessment in relation to introduction of a particular new system by taking into
-account the specific aspect of security.
-The only way to know the actual effectiveness of a risk assessment activity is to empirically investigate
-it. In this project we will therefore subject risk assessment methods to scientific empirical methods. It
-is obviously unfeasible to investigate all existing methods, so a selection of methods to investigate will
-be made. While the project will evaluate this selection of existing methods, the overall framework
-(concepts, terminology, study designs and metrics) that must be developed to do this evaluation will
-be of a general nature so as to enable later replications and comparable studies.
-===== Partners =====
-University of Trento (Coordinator), SINTEF and DeepBlue.
-===== Project Internal Information =====
-Please check [[https://trinity.disi.unitn.it/emfase/|SVN Repository]] (Restricted Access)
-===== Current Activities =====
-Below is the list of experiments and related activities.
-Trento's results are also reported in [[validation_of_risk_and_security_requirements_methodologies|Empirical Validation of Risk and Security Methodologies]].
-==== Criteria identification and validation ====
-  - SESAR Jamboree Nov 2013
-    * Participants: ATM experts
-    * Feedback: questionnaire, focus group interview
-==== Experiments ====
-  * Comparison of Security Risk Assessment (SRA) methods
-  - UNITN Security Engineering course 2013-14:
-    * Participants: 29 MSc students enrolled to Security Engineering course at the University of Trento
-    * Method: CORAS vs Eurocontrol SECRAM (*)
-    * Case Study: SmartGrid
-    * Final result: excel file with threats and controls, presentations, report
-    * Feedback: questionnaire, interview
-  - First International Week with Italian Post on Cyber Security in Complex Information Systems (Rome, Italy) 2014:
-    * Participants: students - around 60 sort of controlled participants
-    * Method: CORAS vs SESAR SECRAM (*)
-    * Case Study: Online Banking
-    * Final result: excel file with threats and controls, report
-    * Feedback: questionnaire
-  - UNITN Security Engineering course 2014-15:
-    * Participants: MSc students - around 30 sort of controlled participants
-    * Method: CORAS vs SESAR SecRAM (*)
-    * Case Study: Remotely Operated Tower (ATM) (*)
-    * Final result: excel file with threats and controls, presentations, report
-    * Feedback: questionnaire, focus groups interview
-  - UNITN Security Engineering course 2015-16:
-    * Participants: MSc students - around 50 sort of controlled participants
-    * Method: CORAS vs SESAR SecRAM (*)
-    * Case Study: Unmanned Aerial System Traffic Management (UTM)
-    * Final result: excel file with threats and controls, presentations, report
-    * Feedback: questionnaire, focus groups interview
-* Effectiveness of Catalogues of Threats and Security Controls in Security Risk Assessment
-  - EIT Winter School 2014:
-    * Participants: students around 20 sort of controlled participants
-    * Method: SESAR SecRAM (*) + [ BSI Catalog vs SECRAM Catalog (*) ]
-    * Case Study: Remotely Operated Tower (*)
-    * Final result: excel file with requirements, hand-drawn poster for result presentation, report
-    * Feedback: questionnaire
-  - EMFASE SecRAM Evaluation Workshop  2014:
-    * Participants: professionals around 15 sort of controlled participants
-    * Method: SESAR SecRAM (*) + [ BSI Catalog vs SECRAM Catalog (*) ]
-    * Case Study: Remotely Operated Tower (*)
-    * Final result: excel file with requirements, report
-    * Feedback: questionnaire, focus groups interview
-In part (*) means confidential documents are distributed
-===== Deliverables =====
-  - {{:projects:emfase:e.02.32_d1.1_selection_of_risk_assessment_methods_object_of_study_00.01.03.pdf|Selection of risk assessment methods object of study}}
-===== Publications =====
-  * K. Labunets, F. Paci, F. Massacci. **Which Security Catalogue Is Better for Novices?** In //Proc. of EmpiRE Workshop at IEEE RE'15.// {{:research_activities:experiments:2014-winter-school:labunets-etal-empire-re15-preprint.pdf|PDF (preprint)}}
-  * M. de Gramatica, K. Labunets, F. Massacci, F. Paci, and A. Tedeschi. **The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals.** In //Proc. of REFSQ'15//. {{:research_activities:experiments:2014-rome-deepblue:gramatica-etal-refsq2015.pdf|PDF}}
-  * M. Giacalone, R. Mammoliti, F. Massacci, F. Paci, R. Perugino, and C. Selli. **Security Triage: A Report of a Lean Security Requirements Methodology for Cost-Effective Security Analysis.** A short summary appears In //Proc. of EmpiRE Workshop at IEEE RE'14//. {{:research_activities:experiments:giacalone-etal-re14-preprint.pdf|3 pages PDF}}. A longer Industry report appears in //Proc. of ESEM'2014//. {{:research_activities:security_requirements_engineering:paper-207-esem-2014.pdf|PDF (preprint)}}
-  * K. Labunets, F. Paci, F. Massacci, and R. Ruprai. **An Experiment on Comparing Textual vs. Visual Industrial Methods for Security Risk Assessment.** In //Proc. of EmpiRE Workshop at IEEE RE'14// {{:research_activities:experiments:labunets-etal-empire-re14-preprint.pdf|PDF}}

DISI Security Research Group Wiki

User Tools

Site Tools

Differences

Page Tools