User Tools

Site Tools


unitn-comprehensibility-exp-2015

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

unitn-comprehensibility-exp-2015 [2016/02/29 12:40]
katsiaryna.labunets@unitn.it [Supplement Materials]
unitn-comprehensibility-exp-2015 [2017/02/28 13:33] (current)
katsiaryna.labunets@unitn.it
Line 1: Line 1:
 +====== Risk Models Comprehension: An Empirical Comparison of Tabular vs. Graphical Representations ======
  
 +This page provides additional resources that enable replication of our work published in Empirical Software Engineering journal and available at [[https://ssrn.com/abstract=2906745|SSRN]]. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments.
  
-====== Risk Models Comprehension: An Empirical Comparison of Tabular vsGraphical Representations ======+==== Goal ==== 
 +The goal of the experiment is to compare the effectiveness of tabular and graphical approaches for risk modeling in extracting information about security risks from the modelsAdditionally, we wanted to investigate if the complexity of comprehension task affects participation’ comprehension of risk models. 
 + 
 +===== Context of the Experiment ===== 
 + 
 +==== Subjects ==== 
 +We have conducted two studies. The first study in 2014 included three experiments in Italy and Brazil. The first experiment was conducted at the University of Trento as part of the Security Engineering course and involved 35 MSc students in Computer Science. The two replicated experiment were executed at the PUCRS University in Porto Alegre (Brazil) and involved correspondingly 13 MSc students enrolled in the Computer Science program and 27 BSc students attending the Information Systems course taught at the Computer Science department. 
 + 
 +The second study in 2015 consisted of two experiments with students and practitioners in Italy. The first experiment was conducted in Cosenza at Poste Italiane cyber-security lab (a large corporation) in September 2015. The participants were 52 MSc/MEng graduates attending a professional master course in Cybersecurity. The second experiment at the University of Trento in October 2015 as part of the Security Engineering course and involved 51 MSc students in Computer Science. 
 + 
 +==== Application Scenarios ==== 
 +As application scenarios we had one proposed by IBM about the Healthcare Collaborative Network (HCN) and Online Banking scenario developed by Poste Italiane, describing online banking services provided by Poste Italiane’s division through
  
-The goal of the experiment is to investigate which type of risk model is more comprehensible. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments. 
 ==== Supplement Materials ==== ==== Supplement Materials ====
 Here are the materials that we distributed among participants depending on the treatment to which they were assigned: Here are the materials that we distributed among participants depending on the treatment to which they were assigned:
unitn-comprehensibility-exp-2015.txt · Last modified: 2017/02/28 13:33 by katsiaryna.labunets@unitn.it