2nd RISK Workshop at ISSRE 2014
2nd International Workshop on Risk Assessment and Risk-driven Testing (RISK) will be part of the ISSRE 2014 conference in Naples, Italy. The RISK workshop will be held on November 5th, starting 09:00 in the H – Normanna room.
The organization of the workshop is motivated by the continuous rise of software complexity with increased functionality and accessibility of software and electronic components which leads to an ever-growing demand for techniques to ensure software quality, dependability and security. The risks that software systems do not meet their intended level of quality can have severe impact on vendors, customers and even – when it comes to critical systems and infrastructures – our daily life. The precise understanding of risks, as well as the focused treatment of risks, has become one of the corner stones for critical decision within complex social and technical environments. Even nowadays software testing is based on risk-driven decisions
However, classical test approaches address risks rather implicitly than systematically. Systems, functions, or modules, which are known to be critical, are tested more intensively than others. The basis of such kind of test planning is often a very simple and unstructured risk assessment, which usually is performed during or in the preparation of the test process. However, we know that humans are great in planning technical environments and processes, but often fail when it comes to the intuitive estimation of related risk.
This workshop addresses systematic approaches that combine risk assessment and testing. We are interested in innovative techniques, tools and methods from industry or research, that cover systematic risk assessment, whether to obtain risk-optimized test configurations and specifications, to underpin risk analyzes by means of experimental data from test results, or to enable domain-specific solutions that address specific kinds of risk (e.g. safety risks, security risks, business risks, legal risks).
The RISK 2014 workshop will enjoy consistent contributions from our project, with 5 contributing papers that cover topics in risk modelling, analysis, assessment and testing:
Risk Management for Outsourcing to the Cloud
Johannes Viehmann, Fraunhofer FOKUS, Germany
CRSTIP – An Assessment Scheme for Security Assessment Processes
J. Grossmann, Fraunhofer FOKUS, Germany
A. Molnar, Info World, Romania
Structuring Compliance Risk Identification Using the CORAS Approach: Compliance as an Asset
S. Esayas, University of Oslo, Norway
Schematic Generation of English-prose Semantics for a Risk Analysis Language Based on UML Interactions
G. Erdogan, A. Refsdal, K. Stølen, SINTEF, Norway
How the UML Testing Profile Supports Risk-Based Testing
M. Wendland, A. Hoffmann, Fraunhofer FOKUS, Germany
A. Bagnato, E. Brosse, Softeam, France
M. Schacher, T. Yue, S. Ali, Z. R. Dai
Homepage of the RISK2014 workshop:
13 Oct 2014 / rasen_adm /