Norsk English

Secure IoT Software

We do research in Software Engineering, with a particular focus on tools and methodologies for software development and operation of heterogeneous and autonomous, yet secure and privacy-aware systems spanning across the Cloud, the Edge, and the IoT.

Information and security technologies (ICT) have over several decades brought significant benefits to enterprises, individuals, and society as a whole. ICT and information infrastructures have become a cornerstone for a broad range of services that today we take for granted; people and organizations have access to more and better services than ever before within most areas of society, including banking and finance, communication, entertainment, health, power supply, social interactions, transportation and social participation. As a result, our daily lives, fundamental rights, economies and social security depend on ICT working seamlessly.

This is all the more exacerbated with the advent of the Internet-of-Things where ICT can now act on the physical world (by 2020, Gartner envisions that 21 billion Internet-of-Things endpoints will be in use). In this context, it is critical to facilitate the creation and operation of ICT systems where aspects related to trustworthiness (including security and privacy concerns, resilience and robustness) are challenging and of paramount importance. Our research group develops methods, modelling techniques and tools to aid stakeholders in developing, managing, as well as assessing and maintaining security and quality of IoT-based systems. Our two books Cyber-Risk Management and Model-Driven Risk Analysis, as well as our modeling language for embedded and distributed systems (ThingML) present major contributions in this respect.

 

  • Mass Soldal Lund, Bjørnar Solhaug and Ketil Stølen: Model-Driven Risk Analysis - The CORAS Approach (Springer, 2011). The book can be ordered from Springer in printed version or electronically. See also the product flyer. The CORAS Approach includes a method, a modeling language and an open source tool. You may read the guided tour of the CORAS method for a quick introduction.
  • ThingML is a modeling language for embedded and distributed systems. The ThingML toolset includes text editors to create and edit ThingML models, a set of transformations to create diagrams from ThingML models and a set of code generators to compile ThingML to C, Java and JavaScript.
  • Atle Refsdal, Bjørnar Solhaug and Ketil Stølen: Cyber-Risk Management (Springer, 2015). The book can be ordered from Springer in printed version or electronically. See also the product flyer.
  • The PREDIQT method resulting from the PhD thesis of Aida Omerovic.

Research Areas

We do research in Software Engineering, with a particular focus on the security and privacy aspects within the Internet of Things. We theorize, develop and apply methods and tools addressing these aspects, contributing together with our partners to a safer and better digital society. Our main research interests are as follows:

  • Software Engineering
  • Cybersecurity
  • Software for Self-Adaptive Systems
  • Model-Driven Engineering
  • Smart IoT Software
  • Edge Computing
  • Privacy
  • Security Risk Management

Gemini IoT Centre

The Gemini IoT Centre links and harmonizes, with the best possible synergy effect, the activities within IoT at SINTEF, UiO and NTNU.

Seminars

We have since more than ten years organized a series of public seminars where research results and new technologies are presented and discussed. The seminars are held in Norwegian and attract people from industry, public sector and academia.

  • The next seminar will be announced soon.

  • Complete list of seminars (in Norwegian)

Projects

Our projects are conducted in close collaboration with industry partners, academia and research institutes both nationally and internationally. Ongoing and completed projects are alphabetically listed below.

Ongoing Projects

  • ASAM - Message Services for Cooperative Intelligent Transport Systems (C-ITS) (Research Council of Norway project, 2019-2021)
  • AutoActive - Tools and Methods for Autonomous Analysis of Human Activities from Wearable Device Sensor Data (Research Council of Norway project, 2017-2021)
  • CINELDI - Centre for Intelligent Electricity Distribution (Research Council of Norway project, 2016-2024)
  • Cirrus - Custom Code for Multi-tenant Cloud Computing (Research Council of Norway project, 2016-2020)
  • CyberSec4Europe - Cybersecurity Competence Network (EU project, 2019-2022)
  • CYBERWISER - Civil Cyber Range Platform for a Novel Approach to Cybersecurity Threats Simulation and Professional Training (EU project, 2018-2021)
  • ENACT - Development, Operation, and Quality Assurance of Trustworthy Smart IoT Systems (EU project, 2018-2020)
  • FLEET - Fleet-Oriented Intelligent Operation of Large Scale Edge System (Research Council of Norway project, 2020-2024)
  • Productive 4.0 - Electronics and ICT as enabler for digital industry and optimized supply chain management covering the entire product lifecycle (EU project, 2017-2020)
  • SecureGrid - Cybersecurity Roadmap for the Future Digitalized Grid (Industry Project, 2019-2020)

Completed Projects

  • AGRA - Aggregated risk assessment and management (Research Council of Norway project, 2014-2018)
  • COBRA - Component-based security assessment (Research Council of Norway project, 2002)
  • COMA - Component-oriented model-based security analysis (Research Council of Norway project, 2004-2007)
  • CONCERTO - Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient High-integrity Multi-core Systems (ARTEMIS/Research Council of Norway project, 2013-2016)
  • CORAS - A tool-supported methodology for model-based risk analysis of security critical systems (EU project, 2001-2003)
  • DIAMONDS - Effort-dependent technologies for multi-domain risk-based security testing (Research Council of Norway project, 2010-2014)
  • DIGIT - Digital interoperability with trust (Research Council of Norway project, 2007-2010)
  • DIVERSIFY - Ecology-Inspired Software Diversification (EU project, 2013-2016)
  • DiversIoT - Diversification for Resilient and Trustworthy IoT-systems (Research Council of Norway project, 2016-2018)
  • DRA - Dynamic Risk Assistant (Research Council of Norway project, 2012-2014)
  • EMERGENCY - Mobile decision support in emergency situations (Research Council of Norway project, 2008-2012)
  • EMFASE - Empirical Framework for Security Design and Economic Trade-Off (SESAR WP-E project, 2013-2016)
  • ENFORCE - Tool supported methodology for the formalization, analysis and enforcement of policies within trust management (Research Council of Norway project, 2005-2009)
  • FRISK - Framework for Risk Management of Welfare Services (SINTEF ICT project, 2012)
  • HEADS - Heterogeneous and Distributed Systems (EU project, 2013-2016)
  • InSecurance - Project on cyber-insurance and the economics of cybersecurity (SINTEF ICT project, 2015-2016)
  • iTrust - Working group on trust management in dynamic open systems (EU project, 2002-2005)
  • MAsens - Mobile and autonomous sensor systems (SINTEF ICT project, 2015-2017)
  • MASTER - Managing Assurance, Security and Trust for sERvices (EU project, 2008-2011)
  • MC-Suite - ICT Powered Machining Software Suite (EU project, 2015-2018)
  • MODAClouds - MOdel-Driven Approach for design and execution of applications on multiple Clouds (EU project, 2013-2015)
  • NESSoS - Network of Excellence on Engineering Secure Future Internet Software Services and Systems (EU project, 2010-2014)
  • OTD - Open Transport Data (Research Council of Norway project, 2016-2019)
  • PaaSage - PaaSage: Model Based Cloud Platform Upperware (EU project, 2012-2016)
  • PrivacyAssessment@SmartCity - Enabling Real-Time Privacy-Awareness of Smart City Providers and Users (SINTEF ICT project, 2016-2017)
  • RASEN - Compositional Risk Assessment and Security Testing of Networked Systems (EU project, 2012-2015)
  • REMICS - Reuse and Migration of legacy applications to Interoperable Cloud Services (EU project, 2010-2013)
  • S3MS - Security of Software and Service for Mobile Systems (EU project, 2006-2008)
  • SARDAS - Securing availability by robust design, assessment and specification (Research Council of Norway project, 2003-2006)
  • SecureChange - Security Engineering for Lifelong Evolvable Systems (EU project, 2009-2012)
  • SECURIS - Model-driven development and analysis of secure information systems (Research Council of Norway project, 2003-2006)
  • STAMP - Software Testing AMPlification (EU project, 2016-2019)
  • TrustCom - A trust and contract management framework enabling secure collaborative business processing in on-demand created, self-managed, scalable, and highly dynamic virtual organisations (EU project, 2004-2007)
  • WISER - Wide-Impact Cyber Security Risk Framework (EU-project, 2015-2017)

Contact

Group leader: Ketil Stølen
Email:
Phone: +47 92 21 61 12
Home page

Address
SINTEF Digital
Forskningsveien 1
PO Box 124, Blindern
0314 Oslo
Norway

How to find us
Directions and map: [pdf en][pdf no]

News

2020-03-16: The paper "Stream Processing at the Edge" authored by Rustem Dautov and Salvatore Distefano has been accepted for publication in IEEE Transactions on Cloud Computing.

2020-03-16: The 5th of March, ENACT is organizing its first Hackathon at University Côte d'Azur in Sophia Antipolis.

2020-03-16: The paper "A Systematic Mapping of Patterns and Architectures for IoT Security" authored by Tanusan Rajmohan, Phu H. Nguyen and Nicolas Ferry has been accepted for publication in the proceedings of the 5th International conference on Internet of Things, Big data, and Security (IoTBDS 2020).

2020-02-20: The paper "Using Microservices to Customize Multi-Tenant SaaS: From Intrusive to Non-Intrusive" authored by Hui Song, Phu H. Nguyen and Franck Chauvel has been officially published as part of the volume OASIcs, Vol. 78, Microservices 2017/2019.

2020-02-20: The paper "Development and Operation of Trustworthy Smart IoT Systems: The ENACT Framework" authored by Nicolas Ferry, Jacek Dominiak, Anne Gallon, Elena Gonzales, Eider Iturbe, Stéphane Lavirotte, Saturnino Martinez, Andreas Metzger, Victor Muntés-Mulero, Phu H. Nguyen, Alexander Palm, Angel Rego, Erkuden Rios, Diego Riviera, Arnor Solberg, Hui Song, Jean-Yves Tigli and Thierry Winter has been accepted for publication in the proceedings of DevOps'19.

2020-02-20: The paper "A Chaos Engineering System for Live Analysis and Falsification of Exception-handling in the JVM" authored by Long Zhang, Brice Morin, Philipp Haller, Benoit Baudry and Martin Monperrus has been accepted for publication in IEEE Transactions on Software Engineering.

2020-01-08: The paper "Tool Support for Risk-Driven Planning of Trustworthy Smart IoT Systems within DevOps" authored by Andreas Thompson and Gencer Erdogan has been accepted for publication in the proceedings of the 6th International Conference on Information Systems Security and Privacy (ICISSP'20).

2019-12-19: The research project Fleet-Oriented Intelligent Operation of Large Scale Edge System has been accepted for funding by the Research Council of Norway. The Secure IoT Software group is one of the partners in the project which has a total budget of 16M NOK, funded under the Programme for User-driven Research-based Innovation (BIA).

2019-12-19: Ketil Stølen has written a book on Technology Science. The book is published by Universitetsforlaget and you may order the book online.

2019-12-19: During a CINELDI WP1 webinar held on Nov. 27. 2019, Aida Omerovic and Åsmund Hugo presented some of the current results from a case study on security risk analysis of the "Digital Inspection" pilot being conducted within the CINELDI centre. 

2019-12-19: On October 22nd, Gencer Erdogan presented the CYBERWISER.eu Learning Path on the webinar Strengthening European Efforts in Cyber Capacity Building.

2019-10-14: The manuscript "Customizing Multi-Tenant SaaS using Microservices: From Intrusive to Non-Intrusive" has been accepted for inclusion in the Joint Post-proceedings of the First and Second International Conference on Microservices. Congratulations to the authors Hui Song, Phu Nguyen, Franck Chauvel.

2019-09-16: On August 27th, Aida Omerovic presented "Cybersikkerhet og forsyningssikkerhet – erfaringer fra sikkerhetsrisikovurderinger innen to smartnett-piloter" on the Security Festival at Lillehammer. The presentation is based on two case studies carried out in the CINELDI project.

2019-09-16: The book chapter "Making the Internet of Things More Reliable Thanks to Dynamic Access Control" authored by Anne Gallon, Erkuden Rios, Eider Iturbe, Hui Song and Nicolas Ferry has been accepted for publication in "Security and Privacy in Internet of Things: Challenges and Solutions".

2019-09-16: The paper entitled "Towards Model-Based Continuous Deployment of Secure IoT Systems" authored by Nicolas Ferry and Phu Nguyen has been accepted for publication in the proceedings of the DevOps@MODELS workshop, collocated with the MODELS Conference 2019.

2019-09-16: On August 22nd, Phu gave an invited 3-hour lecture to 30 PhD students at the Summer School "Smart Cities for a sustainable energy future-from design to practice", organised at the Technical University of Berlin, Germany.

2019-08-14: The paper "User Recognition Based on Daily Actigraphy Patterns" authored by Enrique Garcia-Ceja and Brice Morin has been accepted for publication in the proceedings of the 13th IFIP International Conference on Trust Management (IFIPTM'19).

2019-08-14: The paper "Model-based, Platform-independent Logging for Heterogeneous Targets" authored by Brice Morin and Nicolas Ferry has been accepted for publication in the proceedings of the 22nd International Conference on Model Driven Engineering Languages and Systems (MODELS'19).

2019-08-14: The paper "Amplifying Integration Tests with CAMP" authored by Franck Chauvel, Brice Morin, and Enrique Garcia-Ceja has been accepted for publication in the proceedings of the 30th International Symposium on Software Reliability Engineering (ISSRE'19).

2019-08-14: The paper "Using Microservices for Non-intrusive Customization of Multi-tenant Software-as-a-Service" authored by Phu H. Nguyen, Hui Song, Franck Chauvel, Roy Muller, Seref Boyar and Erik Levin has been accepted for publication in the proceedings of the 27th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE).

2019-08-14: The paper "GeneSIS: Continuous Orchestration and Deployment of Smart IoT Systems" authored by Nicolas Ferry, Phu H. Nguyen, Hui Song, Pierre-Emmanuel Novac, Stéphane Lavirotte, Jean-Yves Tigli, Arnor Solberg has been accepted for publication in the proceedings of the IEEE COMPSAC conference.

2019-08-14: The paper "Customizing Multi-Tenant SaaS by Microservices: A Reference Architecture" authored by Hui Song, Phu H. Nguyen, Franck Chauvel, Jens Glattetre, Thomas Schjerpen has been accepted for publication in the proceedings of the 2019 IEEE International Conference on Web Services (ICWS).

2019-08-05: The next public seminar organized by the Secure IoT Software group will be held on Thursday September 26, 10:00-14:00. The topic of the seminar is quantum computers and the Internet of Things. The seminar has speakers from the Norwegian National Security Authority (NSM), University of Oslo, and SINTEF.

2019-03-15: Ketil Stølen will participate the 2019 NSM Security Conference as a panellist to discuss together with three other experts about the topic "Artificial Intelligence. Research and prospects. What place does security have?" The Security Conference is organized every year by the Norwegian National Security Authority (NSM) and will this year take place at Oslo Congress Centre on 20-21 March.

2019-03-06: The paper A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids authored by Aida Omerovic, Hanne Vefsnmo, Gencer Erdogan, Oddbjørn Gjerde, Eivind Gramme, Stig Simonsen has been accepted for publication in the proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk (COMPLEXIS'19).

2019-03-06: The paper A Systematic Mapping Study of Deployment and Orchestration Approaches for IoT authored by Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli, Arnor Solberg has been accepted for publication in the proceedings of the 4th International conference on Internet of Things, Big data, and Security (IoTBDS'19).

2019-03-06: The paper Towards Early Prototyping of Services Based on Open Transport Data - a Feasibility Study authored by Nicolas Ferry, Aida Omerovic, Marit Natvig has been accepted for publication in the proceedings of the 9th International conference on Cloud Computing and Service Science (CLOSER'19).

2019-02-26: CyberSec4Europe, a European Cybersecurity Competence Network project, has its official kick-off meeting on February 28 and March 1. SINTEF is one of 43 consortium partners in the project. CyberSec4Europe is one of four pilot projects to lay the ground work for building a European network of centres of cybersecurity expertise which will help to reinforce research and coordination of cybersecurity in the EU.

2019-01-21: The abstract entitled Towards customizing multi-tenant Cloud applications using non-intrusive microservices authored by Phu H. Nguyen, Hui Song, Franck Chauvel and Erik Levin has been accepted for presentation at Microservices 2019.

2019-01-17: The paper Advances in deployment and orchestration approaches for IoT - A systematic review authored by Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli and Arnor Solberg has been accepted for publication at IEEE ICIOT 2019.

2019-01-17: The paper The preliminary results of a mapping study of deployment and orchestration for IoT authored by Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli and Arnor Solberg has been accepted for publication at the 34th ACM/SIGAPP Symposium On Applied Computing (SAC 2019).

2019-01-17: The paper : a guided tour of the state of the art and research challenges has been accepted in Software & Systems Modeling, co-authored by Sebastian Götz (TU Dresden), Nelly Bencomo (Aston University) and Hui Song (SINTEF).

2019-01-03: The next public seminar organized by the Secure IoT Software group will be held on Thursday January 24, 10:00-14:00. The topic of the seminar is sustainable development and the Internet of Things. The seminar has speakers from Hvaler municipality, University of Oslo, Norwegian University of Science and Technology and SINTEF.

2018-10-31: On October 25, Phu Nguyen presented the Cirrus project and the ENACT project at the public event "Edge computing vs cloud computing" organised by ITS Norway and Tekna Big Data, with 48 participants in the room and 112 participants via live streaming.

2018-10-29: On October 25, Hui Song presented DevOps - a way to reduce risk? at the public seminar The Internet of Things and the development of secure and smart systems.

2018-10-29: On October 25, Ketil Stølen presented IoT, Edge, Fog, Cloud - an attempt to clarify these concepts and their relationships at the public seminar The Internet of Things and the development of secure and smart systems.

2018-10-12: The paper entitled A Security Policy Enforcement Framework for Controlling IoT Tenant Applications in the Edge authored by Phu H. Nguyen, Phu H. Phung, Hong-Linh Truong will be presented on 17 Oct 2018 at the 8th International Conference on the Internet of Things (IoT'18).

2018-09-07: On September 6, Phu Nguyen gave a lecture at the Summer School in Future Energy Information Networks to share experiences with the research students about Smart Grid Security from the IoT and Software Engineering perspectives.

2018-09-05: The paper An Empirical Study on the Comprehensibility of Graphical Security Risk Models Based on Sequence Diagrams authored by Vetle Volden-Freberg and Gencer Erdogan has been accepted for publication in the proceedings of the 13th International Conference on Risks and Security of Internet and Systems (CRiSIS'18).

2018-08-03: The paper Risk-Based Decision Support Model for Offshore Installations authored by Gencer Erdogan, Atle Refsdal, Bjørn Nygård, Ole Petter Rosland, Bernt Kvam Randeberg is published in Business Systems Research Journal.

2018-07-25: The paper Engineering Software Diversity: a Model-Based Approach to Systematically Diversify Communications authored by Brice Morin, Jakob Høgenes, Hui Song, Nicolas Harrand, Benoit Baudry has been accepted for publication in the proceedings of the 21st International Conference on Model Driven Engineering Languages and Systems (MODELS'18).

2018-07-25: The paper Multi-Layered Adaptation for the Failure Prevention and Recovery in Cloud Service Brokerage Platforms authored by Nicolas Ferry, Franck Chauvel, Brice Morin has been accepted for publication in the proceedings of the 11th International Conference on the Quality of Information and Communications Technology (QUATIC'18).

2018-06-15: On June 20, The Gemini Center for IoT is organizing a seminar for PhD students and postdocs working related topics in the area of IoT. Time: 10:00 to 16:00. Location: Auditorium EL1, Gløshaugen, NTNU, Trondheim.

2018-06-13: On June 13, Phu Nguyen will present Advances in genetic engineering and the future of humans at the public seminar The Future "Human".

2018-06-05: The next public seminar organized by the Secure IoT Software group will be held on Wednesday June 13, 10:00-14:00. The topic of the seminar is The Future "Human". The seminar has speakers from The University of Oslo, The University of Agder and SINTEF.

2018-04-29: Jackob Høgenes is in the latest SINTEF news about the technology trends influencing future transport systems.

2018-04-28: On April 11, Anatoly Vasilevskiy presented the demo TECOR: Automate the Testing of One Product on Many Configurations by Anatoly Vasilevskiy, Hui Song, Brice Morin at the 11th IEEE Conference on Software Testing, Validation and Verification.

2018-04-13: Aida Omerovic has been interviewed about security and risk management. The article "Roter du det til her er du ferdig. Punktum." is published by TirsdagMorgen and Norwegian Computer Society.

2018-03-05: The paper ENACT: Development, Operation, and Quality Assurance of Trustworthy Smart IoT Systems authored by Nicolas Ferry, Arnor Solberg, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli, Thierry Winter, Victor Muntés-Mulero, Andreas Metzger, Erkuden Rios Velasco, Amaia Castelruiz Aguirre was presented by Nicolas Ferry at DEVOPS 2018 workshop (DEVOPS'18). Nicolas Ferry was also a member of the panel on DevOps: Issues and Perspectives at the same event.

2018-02-20: The paper Deep Customization of Multi-Tenant SaaS Using Intrusive Microservices authored by Hui Song, Franck Chauvel, Arnor Solberg has been accepted for publication in the proceedings of the 40th International Conference on Software Engineering (ICSE'18).

2018-02-20: The Proceedings of the 4th International Workshop on Graphical Models for Security (GraMSec'17), edited by Peng Lui, Sjouke Mauw, Ketil Stølen will be published in the conference proceedings series Lecture Notes in Computer Science, LNCS 10744, Springer, 2018.

2018-02-20: The paper Problem-based elicitation of security requirements: The ProCOR method authored by Roman Wirtz, Maritta Heisel, Rene Meis, Aida Omerovic, Ketil Stølen has been accepted for publication in the proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE'18).

2018-02-14: On February 14, Aida Omerovic presented Arkitektur som døråpner for Digitalisering og Verdiskapning at SOFTWARE'18.

2018-02-08: The paper Risk-Based Decision Support Model for Offshore Installations authored by Gencer Erdogan, Atle Refsdal, Bjørn Nygård, Bernt Kvam Randeberg, Ole Petter Rosland has been accepted for publication in Business Systems Research (Special issue: Novel Solutions and Novel Approaches in Operational Research).

2018-01-19: The ENACT project, which is coordinated by the Secure IoT Software group, had a successful kick-off meeting from January 16 to January 18. Read more about the project on the ENACT website.

2017-12-11: On December 14, Jakob Høgenes will present Security in IoT - What can we learn from the nature? at the public seminar Internet of Things and Security.

2017-12-11: On December 14, Ketil Stølen will present Security challenges of the future at the public seminar Internet of Things and Security.

2017-12-08: On December 6, Anatoly Vasilevskiy presented Configuration testing for better DevOps at the European Chaos Engineering Days.

2017-11-10: The next public seminar organized by the Cyber Risk group will be held on Thursday December 14, 10:00-14:00. The topic of the seminar is Internet of Things and Security. The seminar has speakers from TellU, Q-Free, Datatilsynet, and SINTEF.

2017-09-27: On September 27, Atle Refsdal presented the paper Experiences from Developing an Algorithm to Support Risk-Based Decisions for Offshore Installations authored by Gencer Erdogan, Atle Refsdal, Bjørn Nygård, Bernt Kvam Randeberg, and Ole Petter Rosland at the 14th International Symposium on Operations Research in Slovenia (SOR 2017).

2017-09-22: On September 21, Gencer Erdogan presented the paper A Method for Developing Qualitative Security Risk Assessment Algorithms authored by Gencer Erdogan and Atle Refsdal at the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS 2017).

2017-08-01: The paper A Method for Developing Qualitative Security Risk Assessment Algorithms authored by Gencer Erdogan and Atle Refsdal has been accepted for publication in the proceedings of the 12th International Conference on Risks and Security of Internet and Systems (CRiSIS 2017).

2017-07-12: The paper Experiences from Developing an Algorithm to Support Risk-Based Decisions for Offshore Installations authored by Gencer Erdogan, Atle Refsdal, Bjørn Nygård, Bernt Kvam Randeberg, and Ole Petter Rosland has been accepted for publication in the proceedings of the 14th International Symposium on Operations Research in Slovenia (SOR 2017).

2017-06-15: The paper A Method for Developing Algorithms for Assessing Cyber-Risk Cost authored by Gencer Erdogan, Alejandra Gonzalez, Atle Refsdal, and Fredrik Seehusen has been accepted for publication in the proceedings of the 2017 IEEE International Conference on Software Quality, Reliability & Security (QRS 2017).

2017-05-29: The chronicle The Internet of Things: A good, but also a threat for the nation written by Ketil Stølen is published in Teknisk Ukeblad, 23 May 2017, no. 5. The chronicle is also available online at digi.no.

2017-04-28: The chronicle Guide to good smart city life written by Marit Kjøsnes Natvig, Aida Omerovic, and Isabelle Tardy is published in Dagens Næringsliv and Gemini.

2017-03-30: The chronicle Trust management - what is it, really? by Ketil Stølen is published in Dagens Perspektiv.

2017-03-27: On April 4, Atle Refsdal will present Experiences from development of risk-based decision support for offshore installations at the public seminar Risk Aggregation - what works in practise?

2017-03-02: The chronicle Privacy and cybersecurity do not go hand in hand by Ketil Stølen is published in Computerworld.

2017-02-15: The next public seminar organized by the Cyber Risk group will be held on April 4, 2017. The topic of the seminar is Risk Aggregation - What works in practise? The seminar has speakers from EVRY, Oslo municipality, The Agency for Public Management and eGovernment (Difi), and SINTEF.

2017-02-08: The paper Privacy Scorecard – Refined Design and Results of a Trial on a Mobility as a Service Example authored by Aida Omerovic, Marit Natvig, and Isabelle Tardy has been accepted for publication in the proceedings of the 27th European Safety and Reliability Association Conference (ESREL 2017).

2017-01-06: A guided tour of the CORAS method is now available.

2017-01-05: On February 16, Ketil Stølen will present The Relationship Between Trust, Security, and Risk at the SOFTWARE 2017 conference.

2017-01-04: On February 14, Aida Omerovic will hold a course about risk management at the Norwegian Computer Society.

Old News