This is an old revision of the document!
The goal of the experiment we want to conduct following the goal/question/metric (GQM) template was to compare visual and textual methods for security risk assessment methods with respect to how successful they are in identifying threats and security controls. The context of the experiment consists of security requirements engineers who identify a list of security requirements for an advanced metering infrastructure scenario from the Smart Grid domain.
During the experiment we distributed among participants two type of questionnaires:
For individual interview we used the following interview guide: guide.