This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
seceng-course-exp-2012 [2014/07/16 14:49] martina.degramatica@unitn.it [Results] |
seceng-course-exp-2012 [2021/01/29 10:58] (current) |
||
---|---|---|---|
Line 3: | Line 3: | ||
An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | ||
- | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. | + | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. |
===== Goals ===== | ===== Goals ===== | ||
The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. | The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. | ||
Line 44: | Line 44: | ||
* For privacy reasons, at the beginning of the experiment a {{:research_activities:experiments:2013-seceng:consent-form-security-engineering.docx|Consent Form}} was administered to participants. | * For privacy reasons, at the beginning of the experiment a {{:research_activities:experiments:2013-seceng:consent-form-security-engineering.docx|Consent Form}} was administered to participants. | ||
* Participants' results have been assessed by methods and domain experts (see {{:research_activities:experiments:2013-seceng:evaluation_sheet.xlsx|Evaluation Score Sheet}}). | * Participants' results have been assessed by methods and domain experts (see {{:research_activities:experiments:2013-seceng:evaluation_sheet.xlsx|Evaluation Score Sheet}}). | ||
+ | * | ||
+ | |||
+ | |||
+ | **Data collected during the experiment are available upon request.** | ||
| |