Twitter LinkedIn

Compositional Risk Assessment

and Security Testing of Networked Systems

  • Innovations
  • CRSTIP
  • Consortium
  • Events
  • Publications
  • Deliverables
  • Contact
 
Menu
  • Innovations
  • CRSTIP
  • Consortium
  • Events
  • Publications
  • Deliverables
  • Contact
 
 
 
 
 
Seventh Framework Programme

Recent Posts

  • ETSI Guide EG203251 Available
  • Year 3 Project Deliverables now Available
  • Security Testing and Risk Assessment for Large-Scale Networked Systems using ARIS
  • A RASEN Innovation for Security Pattern and Model-Based Vulnerability Testing
  • Artefacts supporting risk based security testing

PAGES

  • Innovations
  • CRSTIP
  • Consortium
  • Events
  • Publications
  • Deliverables
  • Contact
  • 2nd RISK Workshop at ISSRE 2014

    2nd International Workshop on Risk Assessment and Risk-driven Testing (RISK) will be part of the ISSRE 2014 conference in Naples, Italy. The RISK workshop will be held on November 5th, starting 09:00 in the H – Normanna room.

    Workshop Motivation

    The organization of the workshop is motivated by the continuous rise of software complexity with increased functionality and accessibility of software and electronic components which leads to an ever-growing demand for techniques to ensure software quality, dependability and security. The risks that software systems do not meet their intended level of quality can have severe impact on vendors, customers and even – when it comes to critical systems and infrastructures – our daily life. The precise understanding of risks, as well as the focused treatment of risks, has become one of the corner stones for critical decision within complex social and technical environments. Even nowadays software testing is based on risk-driven decisions

    However, classical test approaches address risks rather implicitly than systematically. Systems, functions, or modules, which are known to be critical, are tested more intensively than others. The basis of such kind of test planning is often a very simple and unstructured risk assessment, which usually is performed during or in the preparation of the test process. However, we know that humans are great in planning technical environments and processes, but often fail when it comes to the intuitive estimation of related risk.

    This workshop addresses systematic approaches that combine risk assessment and testing. We are interested in innovative techniques, tools and methods from industry or research, that cover systematic risk assessment, whether to obtain risk-optimized test configurations and specifications, to underpin risk analyzes by means of experimental data from test results, or to enable domain-specific solutions that address specific kinds of risk (e.g. safety risks, security risks, business risks, legal risks).

    RASEN-related presentations

    The RISK 2014 workshop will enjoy consistent contributions from our project, with 5 contributing papers that cover topics in risk modelling, analysis, assessment and testing:

    Risk Management for Outsourcing to the Cloud

    Johannes Viehmann, Fraunhofer FOKUS, Germany


    CRSTIP – An Assessment Scheme for Security Assessment Processes

    J. Grossmann, Fraunhofer FOKUS, Germany
    A. Molnar, Info World, Romania


    Structuring Compliance Risk Identification Using the CORAS Approach: Compliance as an Asset

    S. Esayas, University of Oslo, Norway


    Schematic Generation of English-prose Semantics for a Risk Analysis Language Based on UML Interactions

    G. Erdogan, A. Refsdal, K. Stølen, SINTEF, Norway


    How the UML Testing Profile Supports Risk-Based Testing

    M. Wendland, A. Hoffmann, Fraunhofer FOKUS, Germany
    A. Bagnato, E. Brosse, Softeam, France
    M. Schacher, T. Yue, S. Ali, Z. R. Dai


    Homepage of the RISK2014 workshop:
    http://www.fokus.fraunhofer.de/en/fokus_events/sqc/risk_2014/index.html

    13 Oct 2014 / rasen_adm / Comments Off

    Categories: News

    General Assembly in Trondheim, Norway The RACOMAT Tool

 

Recent Posts

  • ETSI Guide EG203251 Available
  • Year 3 Project Deliverables now Available
  • Security Testing and Risk Assessment for Large-Scale Networked Systems using ARIS
  • A RASEN Innovation for Security Pattern and Model-Based Vulnerability Testing
  • Artefacts supporting risk based security testing
  • Artefacts supporting planned security testing
  • Security testing – Continuous risk-based testing
  • Risk assessment – Real time assessment
  • Risk assessment – Check list assessment
  • Legal and compliance assessment – Systematic compliance assessment

Tag Cloud

Pages

  • Consortium
  • Contact
  • CRSTIP Web Tool
  • Deliverables
  • Detailed information regarding RASEN support for the key areas and levels below is available by selecting them. Supported areas have a blue background
  • Events
  • Home
  • Innovations
  • Publications
  • Statistics

Categories

  • crstipv2
    • Legal and compliance assessment
      • Ad-hoc compliance assessment
      • Check list based compliance assessment
      • Systematic and risk driven
      • Systematic compliance assessment
    • Risk assessment
      • Checklist assessment
      • Qualitative Assessment
      • Quantitative assessment
      • Real time assessment
    • Security testing
      • Continuous risk-based testing
      • Planned testing
      • Risk based testing
      • Unstructured testing
    • Tool support
      • Integrated
      • None
      • Partially Integrated
      • Stand Alone
  • News

Copyright © 2013 RASENTheme created by PWT. Powered by WordPress.org