An Evaluation of a Test-driven Security Risk Analysis Method Based on an Industrial Case Study

GSTDTAP > 气候变化

	An Evaluation of a Test-driven Security Risk Analysis Method Based on an Industrial Case Study
	Erdogan, Gencer; Seehusen, Fredrik; Li, Yan
	2013
出版年	2013
语种	英语
国家	挪威
出版者	SINTEF
领域	气候变化
英文摘要	This report is an evaluation describing the experiences obtained from a case study, carried out in a period of eight months from June 2012 to January 2013, in which we conducted a test-driven security risk analysis. Test-driven security risk analysis is a method for carrying out security risk analysis in which security testing is used to support the security risk analysis. The method consists of three main phases. In Phase 1, a security risk analysis is carried out. In Phase 2, security testing is carried out with respect to the security risk analysis. In the 3rd and final phase, the results obtained from the security risk analysis are validated and updated with respect to the test results. Our objective with the case study was to assess how useful testing is for gaining confidence in the correctness of the risk models produced in the risk analysis. To make the evaluation precise, we analysed the difference between the risk model produced before testing and the updated risk model after testing. The results obtained from the case study shows that testing contributes in gaining higher confidence of the correctness of the risk models. Oppdragsgiver: Norwegian Research Council
URL	查看原文
来源平台	Center for International Climate and Environmental Research-Oslo (CICERO)
文献类型	科技报告
条目标识符	http://119.78.100.173/C666/handle/2XK7JSWQ/1801
专题	气候变化
推荐引用方式 GB/T 7714	Erdogan, Gencer,Seehusen, Fredrik,Li, Yan. An Evaluation of a Test-driven Security Risk Analysis Method Based on an Industrial Case Study:SINTEF,2013.