
Recent Posts
-
Three innovations from the RASEN Project
After two years of work on the RASEN project we outline the three most important achievements of our project. The scope of this article is to briefly introduce them and to provide information regarding related materials that are available on our website.
- RASEN tool-based methodology for risk based security testing and legal compliance
The first RASEN innovation covers all areas addressed by the project. Existing tools, such as Software AG’s ARIS and the CORAS risk assessment tool are extended with new functionalities; furthermore, new tools such as RACOMAT are currently in development to provide tools support across all areas addressed by the project.
More information is available on our website:
Latest version of the CORAS tool
The RACOMAT tool, including an early demo video
The RASEN tool-supported method for risk-based security testing and compliance assessment
The CORAL language: Why is it designed the way it is
- The RACOMAT tool for component-based risk-based testing
The RACOMAT tool combines risk assessment and automated security testing in both ways: Test-Based Risk Assessment, which tries to improve risk assessment with the results of security tests and Risk-Based Security Testing, which tries to optimize security testing with results of risk assessment. The most important features of RACOMAT are:
- Component based, low level system analysis and risk assessment
- Security testing is a part of the risk analysis
- Updates the risk picture based upon the test results semi automatically
- Create, edit and share reusable artefacts
- Intuitive graphic user interface
More information is available on our website:
- Smartesting CertifyIt extension for security testing
The extension to Smartesting’s CertifyIt tool that is in development as part of the RASEN project allows automatic generation of test cases by composing behavioural models and executable test patterns, that result in a suite of abstract security test cases. These are then transformed into concrete JUnit tests using an adaptation layer.
More information is available on our website:
Efficient Detection of Multi-Step Cross-Site Scripting Vulnerabilities
Model-Based Security Testing with Test Patterns
14 Jan 2015 / rasen_adm / Comments Off
Categories: News
CORAS Tool v1.4 Released RASEN General Assembly in Oslo