Projects per year
Abstract
Security and privacy issues are an ever-increasing problem for software systems. To address them, software developers must anticipate the problems that their developed systems may face, using a process we call ‘threat assessment’. Unfortunately, given the shortage of security experts, and the need to ‘think laterally’, threat assessment is very difficult for many development teams. One possibility is to use stories, known as ‘Design Fiction,’ to help developers visualize different contexts and future use for their software. But such stories are themselves difficult to write. A recent pilot project investigated using a broad-brush threat model and fiction samples derived from existing science fiction literature to help developers create threat assessments for Health Internet-of-Things devices. The preliminary results are encouraging, and open the possibility of developing a method to support developers in threat assessment in any domain.
Original language | English |
---|---|
Title of host publication | EuroUSEC '22: Proceedings of the 2022 European Symposium on Usable Security |
Publisher | Association for Computing Machinery (ACM) |
Pages | 79-84 |
Number of pages | 6 |
DOIs | |
Publication status | Published - 5 Oct 2022 |
Projects
- 1 Finished
-
FiVu: Using Design Fiction to Identify Future Vulnerabilities in Bio-IOT
Eng & Phys Sci Res Council EPSRC
15/11/21 → 31/03/23
Project: Research
Activities
- 1 Editor of research journal
-
Systems (Journal)
José-Rodrigo Córdoba-Pachón (Editor)
1 Jul 2023 → 31 Jan 2024Activity: Publication peer-review and editorial work › Editor of research journal