Project description Trustworthy ICT Show the project objective Hide the project objective The European society increasingly depends on ICT systems, in particular ICT systems within critical infrastructures such as telecommunication services, public health services, banking services and power supply. At the same time such systems become increasingly heterogeneous and complex, both with respect to their underlying technology and infrastructure and with respect to their social, economic and legal context. Furthermore, heterogeneous networked service and computing environments cross organisational and geographical borders, posing security challenges that need to be addressed from a broad perspective. For organisations, enterprises and service providers to continuously ensure a sufficient level of protection of complex networked systems, a thorough understanding of security risks is required. However, the nature of such systems makes security assessment very challenging. First, assessing the security of such large, complex networked systems in their entirety is infeasible. Second, security assessment is usually performed either at a high-level (e.g. by risk assessment) or at a technical low-level (e.g. by security testing) with few methods to combine the levels and make use of them complementary. The RASEN project addresses these challenges by, on the one hand, developing support for systematic composition of security assessment results, allowing global security assessments to be derived from assessments of smaller parts of the system. On the other hand, RASEN will develop support for systematically combining high-level security risk assessment with low-level security testing, such that risk assessment can be used to derive security test cases and security test results can be used to verify or updating the risk assessment.The expected result of RASEN is an approach to security assessment that consists of methods and techniques to support the following. Compositional security assessment: How the security assessment can be broken down into smaller parts and systematically composed to obtain the global assessment. Risk-based security testing: How to derivative security test cases from security risk assessment results. Test-based security risk assessment: How to verify and update of the security risk assessment based on security test results. Legal security risk assessment: How to assess and understand compliance with legal norms related to information security. Continuous security assessment: How reuse results from previous security assessments and to rapidly update the security risk assessment based on passive testing (also called monitoring). Additionally, RASEN will deliver a toolbox that integrates the RASEN tool portfolio consisting of a security risk assessment tool and a security testing tool, as well as tools to make transformations between the two. All the results will be evaluated and validated in relevant use cases derived from the domains of healthcare, finance and the IT industry. Fields of science medical and health scienceshealth sciencespublic health Programme(s) FP7-ICT - Specific Programme "Cooperation": Information and communication technologies Topic(s) ICT-2011.1.4 - Trustworthy ICT Call for proposal FP7-ICT-2011-8 See other projects for this call Funding Scheme CP - Collaborative project (generic) Coordinator STIFTELSEN SINTEF EU contribution € 1 155 291,00 Address STRINDVEIEN 4 7034 Trondheim Norway See on map Region Norge Trøndelag Trøndelag Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Total cost No data Participants (7) Sort alphabetically Sort by EU Contribution Expand all Collapse all SOFTWARE AG Germany EU contribution € 507 495,00 Address UHLANDSTRASSE 12 64297 Darmstadt See on map Region Hessen Darmstadt Darmstadt, Kreisfreie Stadt Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Total cost No data FRAUNHOFER GESELLSCHAFT ZUR FORDERUNG DER ANGEWANDTEN FORSCHUNG EV Germany EU contribution € 427 352,00 Address HANSASTRASSE 27C 80686 Munchen See on map Region Bayern Oberbayern München, Kreisfreie Stadt Activity type Research Organisations Links Contact the organisation Opens in new window Website Opens in new window Total cost No data SMARTESTING Participation ended France EU contribution € 293 263,00 Address RUE ALAIN SAVARY 18 25000 BESANCON See on map Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Total cost No data UNIVERSITE DE FRANCHE-COMTE France EU contribution € 127 202,00 Address 1 RUE CLAUDE GOUDIMEL 25000 Besancon See on map Region Bourgogne-Franche-Comté Franche-Comté Doubs Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Total cost No data EVRY NORGE AS Norway EU contribution € 188 876,00 Address SNAROYVEIEN 30A 1360 FORNEBU See on map Region Norge Oslo og Viken Viken Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Total cost No data UNIVERSITETET I OSLO Norway EU contribution € 220 600,00 Address PROBLEMVEIEN 5-7 0313 Oslo See on map Region Norge Oslo og Viken Oslo Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Total cost No data INFO WORLD SRL Romania EU contribution € 130 500,00 Address STRADA INTRAREA GLUCOZEI 37-39 023828 Bucuresti Sector 2 See on map Region Macroregiunea Trei Bucureşti-Ilfov Bucureşti Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Total cost No data