
Recent Posts
-
ETSI Guide EG203251 Available
The European Telecommunications Standards Institute published the ETSI Guide EG203251 Methods for Testing & Specification; Risk-based Security Assessment and Testing Methodologies. The guide provides a perspective on test-based risk assessment as well as risk-based security testing and includes major contributions from the RASEN project. Furthermore, Guide EG203251 details the management of complexity in complex systems as well as providing a conceptual […]
January 13, 2016 / rasen_adm
-
Year 3 Project Deliverables now Available
The final deliverables of the RASEN project are now available for download from our project website at http://www.rasenproject.eu/deliverables/. They include the following documents: D2.3.2 – Use Case Evaluation (v2) – details the results of the final evaluation of RASEN scientific and technical results, undertaken by the project’s use case provider organizations. D3.2.3 – Techniques for Compositional […]
January 8, 2016 / rasen_adm
-
Security Testing and Risk Assessment for Large-Scale Networked Systems using ARIS
Existing conventional tools fail to support industrial needs adequately. Although requirements are very diverse, there is a common set of generic industry requirements applicable to a large number of industrial software development companies. The RASEN project is addressing those, striving to deliver a new methodology and a supportive software environment. The following video […]
November 24, 2015 / rasen_adm
-
A RASEN Innovation for Security Pattern and Model-Based Vulnerability Testing
The following video illustrates the PMVT innovation for security pattern and model-based vulnerability testing. More information regarding RASEN innovations is available here.
November 22, 2015 / rasen_adm
-
Artefacts supporting risk based security testing
Security testing is used to experimentally check software implementations with respect to their security properties and their resistance to attacks. For security testing we can distinguish functional security testing and security vulnerability testing. Functional security testing checks if the software security functions are implemented correctly and consistent with the security functional requirements. It is used […]
November 20, 2015 / rasen_adm
-
Artefacts supporting planned security testing
Security testing is used to experimentally check software implementations with respect to their security properties and their resistance to attacks. For security testing we can distinguish functional security testing and security vulnerability testing. Functional security testing checks if the software security functions are implemented correctly and consistent with the security functional requirements. It is used […]
November 20, 2015 / rasen_adm
-
Security testing – Continuous risk-based testing
Security testing is used to experimentally check software implementations with respect to their security properties and their resistance to attacks. For security testing we can distinguish functional security testing and security vulnerability testing. Functional security testing checks if the software security functions are implemented correctly and consistent with the security functional requirements. It is used […]
November 20, 2015 / rasen_adm
-
Risk assessment – Real time assessment
Risk assessment is the overall process of risk identification, risk estimation and risk evaluation. Risk identification is the process of finding, recognizing and describing risks. This involves identifying sources of risk, areas of impacts, events (including changes in circumstances), their causes and their potential consequences. Risk identification can involve historical data, theoretical analysis, informed and […]
November 20, 2015 / rasen_adm
-
Risk assessment – Check list assessment
Risk assessment is the overall process of risk identification, risk estimation and risk evaluation. Risk identification is the process of finding, recognizing and describing risks. This involves identifying sources of risk, areas of impacts, events (including changes in circumstances), their causes and their potential consequences. Risk identification can involve historical data, theoretical analysis, informed and […]
November 20, 2015 / rasen_adm
-
Legal and compliance assessment – Systematic compliance assessment
Legal and compliance assessment refers to the overall process employed with the objective of adhering to the requirements of laws, industry and organizational standards and codes, principles of good governance and accepted community and ethical standards. The overall process should support, to the extent possible, the documentation of compliance. A systematic compliance assessment follows a […]
November 20, 2015 / rasen_adm