User Tools
erise
Differences
This shows you the differences between two versions of the page.
|
erise [2013/04/04 17:04] katsiaryna.labunets@unitn.it |
erise [2021/01/29 10:58] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ===== Engineering of Risk and Security Requirement Challenge ==== | ||
| - | The eRISE challenge is a series of empirical studies that aim to compare security engineering methods. Two editions of eRISE challenge has been held [[eRISE 2011]] and [[eRISE 2012]].The organization of the third edition [[eRISE 2013]] is currently ongoing. | ||
| - | |||
| - | //"The idea of eRISE challenge is to bring together methods designers, practitioners and students, and try them to apply the security methods and see if they really work." --- Fabio Massacci// | ||
| - | |||
| - | **eRISE provides method designer with**: | ||
| - | * Empirical evaluation and Benchmarking of security engineering methods; | ||
| - | * Knowledge of how and why participants intend to adopt a method; | ||
| - | * Feedback to improve a security method by investigating strengths, weakness and limitations of the method. | ||
| - | |||
| - | **eRISE aims to provide the participants with the benefit of:** | ||
| - | |||
| - | * Knowledge about various state-of-the art methods in the research field, on analyzing security risks and requirements of a system; | ||
| - | * Opportunity to participate and work on an international collaborative project remotely. | ||
| - | |||
| - | ==== Research Question ==== | ||
| - | ==== Research Approach ==== | ||
| - | |||
| - | ==== Experimental Protocol ==== | ||
| - | |||
| - | ===Participants=== | ||
| - | |||
| - | The eRISE Experimental Protocol of eRISE 2012 involves five types of actors: | ||
| - | - **Method Designer** is the researcher who has proposed one of the method under evaluation. His main responsibility is to train participants in the method and to answer participants' questions during the Application phase. S/he also contributes to the assessment of the methods'effectiveness by analyzing groups' reports. | ||
| - | - **Customer** is an industrial partner who introduces the industrial application scenario to the participants. S/he also has to be available during the Application phase to answers all possible questions that participants may raise during analysis. | ||
| - | - **Observer** plays an important role during the Application phase because they supplement audio-video recording with information about the behavior of participants e.g (if the Participants work in group vs work alone) and the difficulties that they face during the application of the method. The observer also interviews the groups and leads the post-it notes sessions. | ||
| - | - **Researcher** takes care of the organization, sets the research questions, selects the participants, invites the method designers and the customers, and analyzes the data collected during the study. | ||
| - | - **Participant** is the most important role. Participants work in group and apply a method provided by one of the method designers to analyze the risk and security issues of the scenario provided by the customer. | ||
erise.txt ยท Last modified: 2021/01/29 10:58 (external edit)
Page Tools
