Publikasjoner og ansvarsområder
Threat modelling and agile software development: Identified practice in four Norwegian organisations
Threat modelling is considered a key activity in secure software engineering. However, despite its documented benefits it has not (yet) been widely adopted by agile software development projects. In this paper we present results from a qualitative study of how it is performed in practice by four dif...
Is a Smarter Grid Also Riskier?
The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control o...
The CySiMS PKI
Managing Security in Software Or: How I Learned to Stop Worrying and Manage the Security Technical Debt
Sikre løsninger for digital kommunikasjonen mellom fly og bakke
An experimental evaluation of bow-tie analysis for security
An experimental evaluation of bow-tie analysis for cybersecurity requirements
Threat Modeling in Modern Software Development
Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat ...