User Tools

Site Tools


erise

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
erise [2013/04/05 18:33]
federica.paci@unitn.it [Research Question]
erise [2021/01/29 10:58] (current)
Line 1: Line 1:
-===== Engineering of Risk and Security Requirement ​Challenge ====+===== eRISE Challenge ====
  
-The eRISE challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://​www.nessos-project.eu|NESSoS]] European Project and [[http://​www.eitictlabs.eu|EIT ICT Labs]]. ​Two editions of eRISE challenge has been held [[eRISE 2011]] ​and [[eRISE 2012]].The organization of the third edition ​[[eRISE 2013]] ​is currently ongoing.+The eRISE (engineering RIsks and SEcurity Requirements) ​challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://​www.nessos-project.eu|NESSoS]] European Project and [[http://​www.eitictlabs.eu|EIT ICT Labs]]. ​Three editions of eRISE challenge has been held [[eRISE 2011]][[eRISE 2012]], and [[eRISE 2013]]. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments.
  
 The idea of eRISE challenge is to bring together researchers,​ young students and practitioners to understand if security methods are effective and what features determine their effectiveness. The idea of eRISE challenge is to bring together researchers,​ young students and practitioners to understand if security methods are effective and what features determine their effectiveness.
  
-With eRISE we want to be able to tell whether //it is not a method to find security recommendations..it helps us to represent the model but does not help in finding solution// or //it helps to find out specific security requirement//​.  ​+With eRISE we want to be able to tell whether ​"//it is not a method to find security recommendations..//", or at least "//it helps us to represent the model but does not help in finding solution//", ​or hopefully "//it helps to find out specific security requirement//​." (quoting some of the participants of our experiments).  ​
  
 **eRISE provides ​ method designer with**:  ​ **eRISE provides ​ method designer with**:  ​
-  * Empirical evaluation and Benchmarking ​of security engineering methods;  +  * Empirical evaluation and benchmarking ​of security engineering methods; 
-  * Knowledge of how and why participants intend to adopt a method; +  * Understand if the proposed ​method ​works in practice ​ 
-  * Feedback to improve a security method by investigating strengths, weakness and   ​limitations ​of the   ​method+  * Feedback to improve a security method by investigating ​its strengths, weakness and limitations. ​
  
 **eRISE aims to provide the participants with the benefit of:**  **eRISE aims to provide the participants with the benefit of:** 
  
   * Knowledge about various state-of-the art methods in the research field, on analyzing security risks  and requirements of a system;   * Knowledge about various state-of-the art methods in the research field, on analyzing security risks  and requirements of a system;
-   * Opportunity to participate and work on an international collaborative project ​remotely.  +   * Opportunity to participate and work in international collaborative project.  
-==== Research ​Question ​====+==== Research ​Questions ​====
  
-  * **RQ1**//​Are security requirements and risk methods effective when applied by someone different than their own inventor?//+  * **RQ1** //Are security requirements and risk methods effective when applied by someone different than their own inventor?//
  
   * **RQ2** //Why are the methods effective? Why they are not?//   * **RQ2** //Why are the methods effective? Why they are not?//
erise.1365179639.txt.gz · Last modified: 2021/01/29 10:58 (external edit)