User Tools

Site Tools


sid-2015-tutorial

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
sid-2015-tutorial [2015/09/17 17:10]
fabio.massacci@unitn.it [EMFASE Security Risk Assessment Tutorial and Exercise]
sid-2015-tutorial [2021/01/29 10:58] (current)
Line 10: Line 10:
    
 The empirical framework will include an integrated process and detailed guidelines for how to select the risk assessment method best suited for a particular situation, e.g., concept under assessment and its maturity level, involved stakeholders,​ time and budget constraints,​ level of expertise of the Risk Assessment facilitator,​ etc. The empirical framework will include an integrated process and detailed guidelines for how to select the risk assessment method best suited for a particular situation, e.g., concept under assessment and its maturity level, involved stakeholders,​ time and budget constraints,​ level of expertise of the Risk Assessment facilitator,​ etc.
-In order to develop the empirical evaluation framework and draw the guidelines, EMFASE classifies, evaluates and compares different Risk Assessment methods in terms of performance,​ measurable security impact, usability, and economy.  ​Different ​Risk Assessment ​methods will be applied ​on different application scenarios+In order to develop the empirical evaluation framework and draw the guidelines, EMFASE classifies, evaluates and compares different Risk Assessment methods in terms of performance,​ measurable security impact, usability, and economy.  ​ 
 + 
 +Read some of our past studies 
 +  * Our framework for Security ​Risk Assessment ​Methods in the ATM domain. Published at SESAR Innovation Days 2014. {{http://​www.sesarinnovationdays.eu/​sites/​default/​files/​media/​SIDs/​SID%202014-40.pdf|Paper}} and {{http://​www.sesarinnovationdays.eu/​sites/​default/​files/​SID%202014-40%20slides.pdf|Slides}} 
 +  * An experiment ​on the effectiveness of Security Catalogues for ATM practitioners. Published at REFSQ 2015. {{:​research_activities:​experiments:​2014-rome-deepblue:​gramatica-etal-refsq2015.pdf|Paper}} and {{:​research_activities:​experiments:​2014-rome-deepblue:​mass-2015-refsq.pdf|Slides}} 
 +  * An experiment on the effectiveness of Security Catalogues for Novices. Published at EmpiRE 2015. {{:​research_activities:​experiments:​2014-winter-school:​labunets-etal-empire-re15-preprint.pdf|Paper}} and {{:​research_activities:​experiments:​2014-winter-school:​labunets-empire2015-slides.PDF|Slides}} 
 +  * An experiment on the effectiveness of Security Risk Assessment Methods. Published at EmpiRE 2014. {{:​research_activities:​experiments:​labunets-etal-empire-re14-preprint.pdf|Paper}} and {{:​research_activities:​experiments:​2014-seceng:​paci-2014-empire.pdf|Slides}}
  
 ===== Focus of the tutorial ===== ===== Focus of the tutorial =====
sid-2015-tutorial.1442509814.txt.gz · Last modified: 2021/01/29 10:58 (external edit)