1
Status PhD work 19. Nov.
Siv Hilde Houmb, SU-group, NTNU
2
General info
Name: Siv Hilde Houmb
Supervisors: Professor Tor Stålhane, Professor Maria Letizia Jaccheri, Per R. Hokstad (Sintef Teknologiledelse, Sikkerhet og pålitelighet)
Year of Ph.D.: Second year
Title of Ph.D.: ‘Quantifying security risks using "all" available data: A risk-based integrated system development and risk management approach’
3
Status
More or less finished the credit part of the PhD work
  Missing one presentation in IT-emner
  Will take a substitution course for one of the courses (stochastic processes and system theory)
Done some work on the background part
Published some papers
Given a tutorial on Critical Systems Development using MBRA and UMLsec: Methods and Tools
Working on two papers
  Process
  Algorithm
4
Last semester
Guest stay at Sintef Tele and Data in Oslo under the supervision of Dr. Ketil Stølen
Worked on refining and extending the CORAS MBRA methodology for quantification of risks (SOL)
Looked into RA methods from the safety and security domain (HazOp, FMEA, FTA, Markov, Monte Carlo simulation, attack tree analysis, checklist – will look into BBN and PN)
Adapted these methods to security assessment
Evaluating and then combining (taking the “best” and most suitable from each method) methods for description models for subjective expert judgment
Working on an extension to UML for security assessment as a platform for communication, which is crucial when combining data (same understanding)
5
Next semester
Papers
  Integrated system development and risk management process for quantification of risks
  How to make use of all available data when quantifying risks
  Extension to UML for quantifying risk using subjective expert judgment – Security assessment Object Language (SOL)
  Integrated process for secure systems development and how we can use UMLsec to express and test non-functional requirements: co-operation with Jan Jurjens
6
Next semester cont.
Results from AIBO-lego-project so far
FIPA agent security
Result from the Honeypot-project: obtaining, analysing and using “objective” data when quantifying risks
7
Next semester: things to do
Refining and extending the process
Work on how to best make use of all available data (objective and subjective)
Objective data
  Continue working on establishing a honeynet in cooperation with PDS at Økokrim (includes one honeypot and one IDS at the moment)
  Investigate what other objective data/information is required and how it can be obtained (in cooperation with SIS?)
8
Open issues
Trials: how, when and how many?
The stay abroad
  Professor Dr. Eric Sharf, QMUL
  Professor Dr. Robert France, Colorado State University
  Professor Dr. David Basin, ETH