Faily, S., Lyle, J. and Parkin, S., 2012. Secure System? Challenge Accepted: Finding and Resolving Security Failures Using Security Premortems. In: BCS HCI 2012 Workshops: Designing Interactive Secure Systems, 12 -14 September 2012, Birmingham, UK, 5:1 - 5:4 .
Full text available as:
falp121.pdf - Published Version
Risk-driven approaches are dominant in secure systems design; these aim to elicit and treat vulnerabilities and the threats exploiting them. Such approaches, however, are so focused on driving risks out of system design, they fail to recognise the usefulness of failure as a vehicle for security innovation. To explore the role of failure as a design tool, we present the security premortem: a participative design technique where participants assume that a system has been exploited, and plausible reasons are given for explaining why. We describe this approach and illustrate how software tools can be used to support it.
|Item Type:||Conference or Workshop Item (Paper)|
|Additional Information:||Proceedings of HCI 2012 The 26th BCS Conference on Human Computer Interaction|
|Uncontrolled Keywords:||Risk, Premortem, CAIRIS|
|Group:||Faculty of Science and Technology|
|Deposited By:||Unnamed user with email symplectic@symplectic|
|Deposited On:||09 Jun 2015 11:04|
|Last Modified:||09 Jun 2015 11:04|
Downloads per month over past year
|Repository Staff Only -|