Extended eTVRA vs. security checklist: Experiences in a value-web

@article{Morali2008ExtendedEV,
  title={Extended eTVRA vs. security checklist: Experiences in a value-web},
  author={Ayse Morali and Emmanuele Zambon and Siv Hilde Houmb and Karin Sallhammar and Sandro Etalle},
  journal={2009 31st International Conference on Software Engineering - Companion Volume},
  year={2008},
  pages={130-140}
}
Security evaluation according to ISO 15408 (Common Criteria) is a resource and time demanding activity, as well as being costly. For this reason, only few companies take their products through a Common Criteria evaluation. To support security evaluation, the European Telecommunications Standards Institute (ETSI) has developed a threat, vulnerability, risk analysis (eTVRA) method for the Telecommunication (Telco) domain. eTVRA builds on the security risk management methodology CORAS and is… CONTINUE READING

References

Publications referenced by this paper.
SHOWING 1-10 OF 17 REFERENCES

Common Criteria For Information Technology Security Evaluation: Protection Profile Smart Card Integrated Circuit With Embedded Software

  • F.C.B. Certificat
  • 1999
Highly Influential
9 Excerpts

Systematic Reuse of Experience in Security Requirements Elicitation

  • K. Schneider, S. Houmb, J. Jürjens, J. Rossebø
  • Technical report, ETSI,
  • 2008
Highly Influential
4 Excerpts

Similar Papers

Loading similar papers…