DISI Security Research Group Wiki

User Tools

Site Tools

Trace:
erise

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
erise [2013/04/05 18:36] – [Engineering of Risk and Security Requirement Challenge] federica.paci@unitn.iterise [2021/01/29 10:58] (current) – external edit 127.0.0.1
Line 1: Line 1:
-===== Engineering of Risk and Security Requirement Challenge ====+===== eRISE Challenge ====
  
-The eRISE challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://www.nessos-project.eu|NESSoS]] European Project and [[http://www.eitictlabs.eu|EIT ICT Labs]]. Two editions of eRISE challenge has been held [[eRISE 2011]] and [[eRISE 2012]].The organization of the third edition [[eRISE 2013]] is currently ongoing.+The eRISE (engineering RIsks and SEcurity Requirements) challenge is a series of empirical studies that aim to compare security engineering methods sponsored by [[http://www.nessos-project.eu|NESSoS]] European Project and [[http://www.eitictlabs.eu|EIT ICT Labs]]. Three editions of eRISE challenge has been held [[eRISE 2011]][[eRISE 2012]], and [[eRISE 2013]]. See the [[validation_of_risk_and_security_requirements_methodologies|main page]] for our work on empirical validation of security risk assessment methods and other experiments.
  
 The idea of eRISE challenge is to bring together researchers, young students and practitioners to understand if security methods are effective and what features determine their effectiveness. The idea of eRISE challenge is to bring together researchers, young students and practitioners to understand if security methods are effective and what features determine their effectiveness.
  
-With eRISE we want to be able to tell whether //it is not a method to find security recommendations..it helps us to represent the model but does not help in finding solution// or //it helps to find out specific security requirement//.  +With eRISE we want to be able to tell whether "//it is not a method to find security recommendations..//", or at least "//it helps us to represent the model but does not help in finding solution//", or hopefully "//it helps to find out specific security requirement//." (quoting some of the participants of our experiments).  
  
 **eRISE provides  method designer with**:   **eRISE provides  method designer with**:  
Line 18: Line 18:
 ==== Research Questions ==== ==== Research Questions ====
  
-  * **RQ1**//Are security requirements and risk methods effective when applied by someone different than their own inventor?//+  * **RQ1** //Are security requirements and risk methods effective when applied by someone different than their own inventor?//
  
   * **RQ2** //Why are the methods effective? Why they are not?//   * **RQ2** //Why are the methods effective? Why they are not?//
erise.1365179789.txt.gz · Last modified: (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki