This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
erise [2013/11/10 22:53] fabio.massacci@unitn.it |
erise [2021/01/29 10:58] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
===== eRISE Challenge ==== | ===== eRISE Challenge ==== | ||
- | The eRISE (engineering RIsks and SEcurity Requirements) challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://www.nessos-project.eu|NESSoS]] European Project and [[http://www.eitictlabs.eu|EIT ICT Labs]]. Two editions of eRISE challenge has been held [[eRISE 2011]] and [[eRISE 2012]].The organization of the third edition [[eRISE 2013]] is currently ongoing. | + | The eRISE (engineering RIsks and SEcurity Requirements) challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://www.nessos-project.eu|NESSoS]] European Project and [[http://www.eitictlabs.eu|EIT ICT Labs]]. Three editions of eRISE challenge has been held [[eRISE 2011]], [[eRISE 2012]], and [[eRISE 2013]]. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. |
The idea of eRISE challenge is to bring together researchers, young students and practitioners to understand if security methods are effective and what features determine their effectiveness. | The idea of eRISE challenge is to bring together researchers, young students and practitioners to understand if security methods are effective and what features determine their effectiveness. | ||
Line 18: | Line 18: | ||
==== Research Questions ==== | ==== Research Questions ==== | ||
- | * **RQ1**//Are security requirements and risk methods effective when applied by someone different than their own inventor?// | + | * **RQ1** //Are security requirements and risk methods effective when applied by someone different than their own inventor?// |
* **RQ2** //Why are the methods effective? Why they are not?// | * **RQ2** //Why are the methods effective? Why they are not?// |