RASEN

Compositional Risk Assessment and Security Testing of Networked Systems

Coordinatore	STIFTELSEN SINTEF    more  Organization address address: P.O.Box 124 Blindern 4 city: Oslo postcode: 314 contact info Titolo: Dr. Nome: Fredrik Cognome: Seehusen Email: send email Telefono: +47 988 22 160
Nazionalità Coordinatore	Norway [NO]
Totale costo	4˙515˙254 €
EC contributo	3˙069˙335 €
Programma	FP7-ICT Specific Programme "Cooperation": Information and communication technologies
Code Call	FP7-ICT-2011-8
Funding Scheme	CP
Anno di inizio	2012
Periodo (anno-mese-giorno)	2012-10-01   -   2015-09-30

 Partecipanti

#	participant	country	role	EC contrib. [€]
1	STIFTELSEN SINTEF  Organization address address: P.O.Box 124 Blindern 4 city: Oslo postcode: 314 contact info Titolo: Dr. Nome: Fredrik Cognome: Seehusen Email: send email Telefono: +47 988 22 160	NO (Oslo)	coordinator	0.00
2	EVRY AS  Organization address address: NEDRE SKOYEN VEI city: OSLO postcode: 214 contact info Titolo: Mr. Nome: Erlend Cognome: Eilertsen Email: send email Telefono: +47 90763024	NO (OSLO)	participant	0.00
3	FRAUNHOFER-GESELLSCHAFT ZUR FOERDERUNG DER ANGEWANDTEN FORSCHUNG E.V  Organization address address: Hansastrasse city: MUNCHEN postcode: 80686 contact info Titolo: Mr. Nome: Tobias Cognome: Rechmann Email: send email Telefono: +49 2241 14 2565 Fax: +49 2241 14 2386	DE (MUNCHEN)	participant	0.00
4	INFO WORLD SRL  Organization address address: STRADA INTRAREA GLUCOZEI city: BUCURESTI SECTOR 2 postcode: 23828 contact info Titolo: Mr. Nome: Cristian Cognome: Taslitchi Email: send email Telefono: 40742109417 Fax: 40212430578	RO (BUCURESTI SECTOR 2)	participant	0.00
5	SMARTESTING  Organization address address: RUE ALAIN SAVARY city: BESANCON postcode: 25000 contact info Titolo: Dr. Nome: Bruno Cognome: Legeard Email: send email Telefono: 33381255363	FR (BESANCON)	participant	0.00
6	SOFTWARE AG  Organization address address: UHLANDSTRASSE city: DARMSTADT postcode: 64297 contact info Titolo: Dr. Nome: Harald Cognome: Schoening Email: send email Telefono: +49 6151 92 1085 Fax: +49 6151 92 341085	DE (DARMSTADT)	participant	0.00
7	UNIVERSITETET I OSLO  Organization address address: Problemveien city: OSLO postcode: 316 contact info Titolo: Ms. Nome: Eli Cognome: Knotten Email: send email Telefono: +47 22859763 Fax: +47 22856999	NO (OSLO)	participant	0.00

Mappa

 Word cloud

Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.

 Obiettivo del progetto (Objective)

The European society increasingly depends on ICT systems, in particular ICT systems within critical infrastructures such as telecommunication services, public health services, banking services and power supply. At the same time such systems become increasingly heterogeneous and complex, both with respect to their underlying technology and infrastructure and with respect to their social, economic and legal context. Furthermore, heterogeneous networked service and computing environments cross organisational and geographical borders, posing security challenges that need to be addressed from a broad perspective. For organisations, enterprises and service providers to continuously ensure a sufficient level of protection of complex networked systems, a thorough understanding of security risks is required. However, the nature of such systems makes security assessment very challenging. First, assessing the security of such large, complex networked systems in their entirety is infeasible. Second, security assessment is usually performed either at a high-level (e.g. by risk assessment) or at a technical low-level (e.g. by security testing) with few methods to combine the levels and make use of them complementary. The RASEN project addresses these challenges by, on the one hand, developing support for systematic composition of security assessment results, allowing global security assessments to be derived from assessments of smaller parts of the system. On the other hand, RASEN will develop support for systematically combining high-level security risk assessment with low-level security testing, such that risk assessment can be used to derive security test cases and security test results can be used to verify or updating the risk assessment.nnThe expected result of RASEN is an approach to security assessment that consists of methods and techniques to support the following. Compositional security assessment: How the security assessment can be broken down into smaller parts and systematically composed to obtain the global assessment. Risk-based security testing: How to derivative security test cases from security risk assessment results. Test-based security risk assessment: How to verify and update of the security risk assessment based on security test results. Legal security risk assessment: How to assess and understand compliance with legal norms related to information security. Continuous security assessment: How reuse results from previous security assessments and to rapidly update the security risk assessment based on passive testing (also called monitoring). Additionally, RASEN will deliver a toolbox that integrates the RASEN tool portfolio consisting of a security risk assessment tool and a security testing tool, as well as tools to make transformations between the two. All the results will be evaluated and validated in relevant use cases derived from the domains of healthcare, finance and the IT industry.