This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
seceng-course-exp-2012 [2014/07/17 11:50] martina.degramatica@unitn.it [Additional Material] |
seceng-course-exp-2012 [2015/11/05 18:50] katsiaryna.labunets@unitn.it [An Experimental Comparison of Two Risk-Based Security Methods] |
||
---|---|---|---|
Line 3: | Line 3: | ||
An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | ||
- | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. | + | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. |
===== Goals ===== | ===== Goals ===== | ||
The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. | The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. |