User Tools
experiment_description
Differences
This shows you the differences between two versions of the page.
|
experiment_description [2014/01/08 21:15] federica.paci@unitn.it [Experimental Design] |
experiment_description [2021/01/29 10:58] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | |||
| - | ====== An experiment on the effect of using a catalog of security requirements on elicitation effectiveness ====== | ||
| - | |||
| - | ==== Research Questions and Hypotheses Formulation ==== | ||
| - | |||
| - | The main research questions of the experiment are the following: | ||
| - | | ||
| - | |||
| - | * **RQ1**: //Does the use of a catalog of security requirements lead to identify more security requirements?// | ||
| - | |||
| - | * **RQ2** //Is participants' perception of using a catalog of security requirements in | ||
| - | security requirements elicitation better than not using it?// | ||
| - | |||
| - | |||
| - | RQ1 concerns the //effectiveness// of | ||
| - | security requirements elicitation. To | ||
| - | answer the research question we will measure //effectiveness// by | ||
| - | counting the number of security requirements identified | ||
| - | by the participants. | ||
| - | The data analysis for RQ1 will be done using the Mann-Whitney test. | ||
| - | Only security requirements specific for the scenario analyzed | ||
| - | by the participants will be considered for statistical analysis. | ||
| - | |||
| - | |||
| - | RQ2 is related to the participants' //perception// of using | ||
| - | the catalog of security requirements in eliciting security requirements. | ||
| - | Participants' perception will be measured through a post-task questionnaire | ||
| - | inspired to the Technology Acceptance Model (TAM). | ||
| - | The data analysis for RQ2 will be done using the Mann-Whitney test. | ||
| - | |||
| - | The null hypotheses coming from the research questions are the following: | ||
| - | |||
| - | H1_0 //There will be no difference in the number of security requirements found with a catalog of security requirements and the one found without//. | ||
| - | |||
| - | H2_0 //There will be no difference in the participants' perception of eliciting | ||
| - | security requirement with a catalog of security requirements and without.// | ||
| - | |||
| - | |||
| - | ==== Experimental Design ==== | ||
| - | |||
| - | Participants to our experiment should have a background in | ||
| - | security and at least two years experience in security | ||
| - | requirements elicitation. A between-subject design will be used where | ||
| - | the participants will be randomly | ||
| - | assigned to two groups denoted as G1 and G2. | ||
| - | The participants in G1 will identify security requirements | ||
| - | for an advanced metering infrastructure scenario with the use | ||
| - | of catalog of security requirements. The participants | ||
| - | in G2 will have to identify security | ||
| - | requirements for the same scenario but without | ||
| - | the support of the catalog. The scenario focuses on a private household | ||
| - | where a smart meter is installed which records consumption of electric energy and | ||
| - | communicates this information daily back to the utility for monitoring and | ||
| - | billing purposes. | ||
| - | ==== Experimental Procedure ==== | ||
experiment_description.txt ยท Last modified: 2021/01/29 10:58 (external edit)
Page Tools
