Project description
Trustworthy ICT
                                The European society increasingly depends on ICT systems, in particular ICT systems within critical infrastructures such as telecommunication services, public health services, banking services and power supply. At the same time such systems become increasingly heterogeneous and complex, both with respect to their underlying technology and infrastructure and with respect to their social, economic and legal context. Furthermore, heterogeneous networked service and computing environments cross organisational and geographical borders, posing security challenges that need to be addressed from a broad perspective. For organisations, enterprises and service providers to continuously ensure a sufficient level of protection of complex networked systems, a thorough understanding of security risks is required. However, the nature of such systems makes security assessment very challenging. First, assessing the security of such large, complex networked systems in their entirety is infeasible. Second, security assessment is usually performed either at a high-level (e.g. by risk assessment) or at a technical low-level (e.g. by security testing) with few methods to combine the levels and make use of them complementary. The RASEN project addresses these challenges by, on the one hand, developing support for systematic composition of security assessment results, allowing global security assessments to be derived from assessments of smaller parts of the system. On the other hand, RASEN will develop support for systematically combining high-level security risk assessment with low-level security testing, such that risk assessment can be used to derive security test cases and security test results can be used to verify or updating the risk assessment.
The expected result of RASEN is an approach to security assessment that consists of methods and techniques to support the following. Compositional security assessment: How the security assessment can be broken down into smaller parts and systematically composed to obtain the global assessment. Risk-based security testing: How to derivative security test cases from security risk assessment results. Test-based security risk assessment: How to verify and update of the security risk assessment based on security test results. Legal security risk assessment: How to assess and understand compliance with legal norms related to information security. Continuous security assessment: How reuse results from previous security assessments and to rapidly update the security risk assessment based on passive testing (also called monitoring). Additionally, RASEN will deliver a toolbox that integrates the RASEN tool portfolio consisting of a security risk assessment tool and a security testing tool, as well as tools to make transformations between the two. All the results will be evaluated and validated in relevant use cases derived from the domains of healthcare, finance and the IT industry.
                            
                                Fields of science (EuroSciVoc)
                                                                                                            
                                            
                                            
                                                CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See:   The European Science Vocabulary.
                                                
                                            
                                        
                                                                                                
                            
                                                                                                CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
    Programme(s)
    
      
      
        Multi-annual funding programmes that define the EU’s priorities for research and innovation.
        
      
    
  
      
  Multi-annual funding programmes that define the EU’s priorities for research and innovation.
    Topic(s)
    
      
      
        Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
        
      
    
  
      
  Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
      Call for proposal
      
        
        
          Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
          
        
      
    
          Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
        FP7-ICT-2011-8
          
            See other projects for this call
          
      
    Funding Scheme
    
      
      
        Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
        
      
    
  
  
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Coordinator
7034 Trondheim
Norway
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.
 
           
        