Security Requirement Engineering for Socio-Technical Systems (Requirements Engineering 2024 - Tutorials)

Mon 24 - Fri 28 June 2024 Reykjavik, Iceland

Who

Mattia Salnitri, Erlend Andreas Gjære

Track

Requirements Engineering 2024 Tutorials

Time Zone

The program is currently displayed in (UTC) Coordinated Universal Time.

Use conference time zone: (UTC) Coordinated Universal TimeSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 26 Jun 2024 13:45 - 15:15 at M116 - Tutorial 4

Abstract

In the past decade, there has been a notable increase in the integration of human users as active components within technical systems, giving rise to what is now recognized as sociotechnical systems. However, the advancement of security measures has not kept pace with this integration, resulting in humans becoming the vulnerable link in the security chain. To address this issue, it is imperative to engineer security requirements that encompass the characteristics of individuals, thereby guiding the design of secure socio-technical systems that are tailored to accommodate their human components. This tutorial will present socio-technical systems, the security criticalities related to their human part, and how to address them. The tutorial is targeted to academics and practitioners, with interactive activities that will guide attendees in the specification of security requirements for socio-technical systems, allow them to experience cyber and social attacks and direct them to incident response actions

Mattia Salnitri

Politecnico di Milano

Italy

Erlend Andreas Gjære

Secure Practice AS

Norway