To main content

Inger Anne Tøndel

Research Scientist/PhD Fellow

Inger Anne Tøndel

Research Scientist/PhD Fellow

Inger Anne Tøndel
Phone: +47 970 88 476
Department: Software Engineering, Safety and Security
Office: Trondheim

Publications and responsibilities

Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1612891

The goal of secure software engineering is to create software that keeps performing as intended even when exposed to an active attacker. Threat modelling is considered to be a key activity, but can be challenging to perform for developers. Microsoft has tried to lower the bar through creating a thre...

Year 2018
Type Part of a book/report
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1447360

The smart grid vision implies extensive use of ICT in the power system, enabling increased flexibility and functionality and thereby meeting future demands and strategic goals. Consequently, power system reliability will increasingly depend on ICT components and systems. While adding functionality, ...

Year 2018
Type Journal publication
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1416499

As a basis for offering policy and setting tariffs, cyber-insurance carriers need to assess the cyber risk of companies. This paper explores the challenges insurance companies face in assessing cyber risk, based on literature and interviews with representatives from insurers. The interview subjects ...

Year 2016
Type Journal publication
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1306136

Risk transfer can be an economically favorable way of handling security and privacy issues, but choosing this option indiscriminately and without proper knowledge is a risk in itself. This report provides an overview of knowledge gaps related to cyber-insurance as a risk management strategy. These a...

Year 2015
Type Report/thesis
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1223747

A rich selection of methods for information security risk assessments exist, but few studies evaluate how such methods are used, their perceived ease-of-use, and whether additional support is needed. Distribution system operators (DSOs) find it difficult to perform information security risk assessme...

Year 2015
Type Part of a book/report
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1133510

This paper reports results of a systematic literature review on current practice and experiences with incident management, covering a wide variety of organisations. Identified practices are summarised according to the incident management phases of ISO/IEC 27035. The study shows that current practice...

Year 2014
Type Journal publication
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1063345

Information and Communication Technology (ICT) is increasingly utilised in the electrical power transmission system. For the power system, ICT brings a lot of benefits, but it also introduces new types of vulnerabilities and threats. Currently the interdependencies between the power and ICT system a...

Year 2013
Type Part of a book/report
Publication
https://www.sintef.no/en/publications/publication/?pubid=CRIStin+1339834

This report describes security threats associated with the deployment of an Advanced Metering Infrastructure (AMI) in the Demo Steinkjer demonstration project. The description is based on the first phase of the actual smart meter roll-out in Steinkjer, but is kept on a vendor-neutral level. This doc...

Year 2012
Type Report/thesis