This is an old revision of the document!
Emfase conf call – 07/11/2014 Participants: UNITN: FP, MDG, FM SINTEF: BS, KS DBL: MR
Points to be discussed:
Discussion for comprehension questionnaire
Main hypothesis: - There is no difference between the comprehension levels of graphical and textual risk models Sub-hypothesis: - Visual graphs are better than tables for understanding how separate paths/rows are related - Visual graphs are better than tables for calculation and consistency checking - Tables are better than visual graphs filtering out specific information
Discussion about the definition of graphical model: nodes and edges definition is not exhaustive; a working definition which specifies which are the elements of the graphical models is needed. We need to understand which are the features of the graphic model, in order to identify if these features work or not. The scenario identified in Oslo was Poste Italiane Home Banking.
Direct observation
MR explains how they defined criteria (according to MEM), sub-categories (according to success criteria), categories (as defined in Oslo) and indicators (defined by DBL)that can be measured and direct observed. A brief description of the experimental protocol is needed: how are you going to do the direct observation? How are you going to measure what you are observing? Consider that only partial observability will be available, how are you going to solve this problem?
Actions list FP: share paper about comprehensibility by 11/07 UNITN, SINTEF: provide semi-final Comprehension Questionnaire by 8th August DBL: provide a short description on the added-value for the project and for the participants and the protocol for the observation by End of July UNITN: provide 1 page with protocol for Section 4 of D2.1
Some interesting article for the experiments Zip Files with experimental Articles
Everybody should submit their slides in the SVN.
Day 1:
Day 2:
Timeline
Hypothesis to be tested is Comprehensibility Tentative experiments
Case study
Schedule
Proposal is to perform the observation of the SESAR assessment
Decisions
FM contacted RK who said that he will talk to IANS tutorial manager to see whether he will agree.
Oct 2014 – Jan 2015 - Interviews with Security Experts (Raminder Ruprai - NGRID, Ivonne Herrera – SINTEF, Birgit Goelz – DFS, Lorenzo Falciani – PwC, Gianluca Gargiulo - NAIS Solutions, etc.)
D1.1 (State of the Art). No major issue internally.
RK's Comment: there is a presentation problem: we discuss the existence of the standards but don't discuss whether they complete or not and wat is missing and why tey are different, section 3 describe the criteria, and 4 are well done but the end of chapter 4 explain about verification and we instantiate immediately instantiated to an empirical verification of a subset, why the oter ave not been selected. The revision should address the one to assess of what is missing in the state of the art, how the criteria linked back to SOA or how they help us selecting the case studies).
D2.1 (Case study) The case study deliverable is essentially rephrased from SESAR deliverables. Question of access has been raised with RK (see later).
RK's comment: First 3 chapters ok, with section 4 have some yellow markers, conclusions are empty. migt be a problem of right version of the document.
D1.1 RK to send comment so far. BS to address them and We send it back by Friday 28 March.
D2.1. EC to send back the right version immediately and wait for feedback
RK comment: a SJU Memo is in preparation for granting access to SESAR documents (at least without IPR claims as foreground). We will foll tat procedure when it is ready.
In the cases where official access is not possible we will use a disclaimer about expert opinion and use an agreed procedure to collect confidential material.UNITN has already used it for the SECRAM list of pre- and post- controls at the WINTER experiment.
Disclaimer to be used in case study descriptions:
The case study description is based from interviews of experts familiar the Remote Virtual Tower development at SESAR. Its content should not be taken in any way as officially endorsed by SESAR SJU or SESAR's participants
The procedure for handling confidential material for the experiments is the following:
In part (*) means confidential document is distributed according to the process above.
RK reported a good feedback from Martin Hawley.
Only three groups produced a report in te SESAR format. The other have not done it. We will only evaluate the excel file.
FP to save the excel file produced by the students in the repository and then share the google doc wit Hans De Han, Martin Hawley, AT and BS. Evaluation to be done by them. Internal deadline for feedback to be aligned wit Hans availability.
The next experiment is Rome
MDG will prepare a draft description of these experiments (who, what, when) to be circulated and posted on the SVN (one directory per experiment).
BS to prepare a draft of the CORAS Material to follow te step by step process. FP to prepare draft of the SeCRAM material from Martin Hawley's material from Winter Experiment
EC to set a conference call one for organizing the May experiment
Presentation at SESAR Jamborre (20-22 May) of results to EMFASE activities. RK suggests a slot on Monday.
RK suggest to prepare a White paper to be distributed in advance.
Deadline end of April.