This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
seceng-course-exp-2012 [2014/07/17 11:50] martina.degramatica@unitn.it [Additional Material] |
seceng-course-exp-2012 [2021/01/29 10:58] (current) |
||
---|---|---|---|
Line 3: | Line 3: | ||
An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | An experiment by Katsyarina Labunets, Fabio Massacci, Federica Paci, Le Minh Sang Tran. | ||
- | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. | + | This page provides additional resources that enable replication of our work published at {{:research_activities:experiments:2013-seceng:labunets-esem-2013-accepted.pdf|ESEM 2013}}. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. |
===== Goals ===== | ===== Goals ===== | ||
The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. | The goal of the experiment was to evaluate and compare two types of risk-driven methods, namely, visual methods (CORAS) and textual methods (SREP) with respect to their //effectiveness// in identifying threats and security requirements, and the //participants’ perception// of the two methods. |