    • A Probabilistic Approach to Information Control

      Nyre, Åsmund Ahlmann; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2010)
    • Achieving "Good Enough" Software Security: The Role of Objectivity 

      Tøndel, Inger Anne; Cruzes, Daniela Soares; Jaatun, Martin Gilje (Chapter, 2020)
      Today's software development projects need to consider security as one of the qualities the software should possess. However, overspending on security will imply that the software will become more expensive and often also ...
    • Agile Software Development: The Straight and Narrow Path to Secure Software? 

      Nicolaysen, Torstein; Sassoon, Richard; Bartnes, Maria; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2010)
      In this article, we contrast the results of a series of interviews with agile software development organizations with a case study of a distributed agile development effort, focusing on how information security is taken ...
    • All in a day's work: Password cracking for the rest of us 

      Blakstad, Jørgen Wahl; Nergård, Rune; Jaatun, Martin Gilje; Gligoroski, Danilo (Chapter, 2009)
      The majority of computer systems are still protected primarily with a user name and password, and many users employ the same password on multiple systems. Additionally, some of the most popular operating systems such as ...
    • Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects 

      Cruzes, Daniela Soares; Jaatun, Martin Gilje; Bernsmed, Karin; Tøndel, Inger Anne (Journal article; Peer reviewed, 2018)
      The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for ...
    • Collaborative security risk estimation in agile software development 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Williams, Laurie (Journal article; Peer reviewed, 2019)
      Purpose: Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software ...
    • A continuous OT cybersecurity risk analysis and Mitigation process 

      Hanssen, Geir Kjetil; Thieme, Christoph Alexander; Bjarkø, Andrea Vik; Lundteigen, Mary Ann; Bernsmed, Karin Elisabeth; Jaatun, Martin Gilje (Chapter, 2023)
      Operational Technology (OT) systems are becoming increasingly software-driven and connected. This creates new digitalization opportunities but can also increase the risk of cyber security breaches that can have severe ...
    • Cyber-physical Hardening of the Digital Water Infrastructure

      Cali, Umit; Catak, Ferhat Özgur; Balogh, Zsolt György; Ugarelli, Rita Maria; Jaatun, Martin Gilje (Chapter, 2023)
      Water supply and drainage systems, which are categorized as critical infrastructure, serve a crucial role in preserving societal health and well-being. Since climate change effects, harsher regulations, population changes, ...
    • An Empirical Study of CERT Capacity in the North Sea 

      Jaatun, Martin Gilje; Bodsberg, Lars; Grøtan, Tor Olav; Moe, Marie Elisabeth Gaup (Chapter, 2020)
      This paper documents the results of an empirical study of cyber incident response readiness in the Norwegian petroleum industry. The study addressed the Computer Emergency Response Team (CERT) capacity among various actors ...
    • Is a Smarter Grid Also Riskier? 

      Bernsmed, Karin; Jaatun, Martin Gilje; Frøystad, Christian (Journal article; Peer reviewed, 2019)
      The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of ...
    • Monitoring Intrusions and Security Breaches in Highly Distributed Cloud Environments 

      Taheri Monfared, Aryan; Jaatun, Martin Gilje (Chapter, 2011)
      Cloud computing is a new computing model, and security is ranked first among its challenges. This paper reviews existing security monitoring mechanisms compared with new challenges which are caused by this new model. We ...
    • OWASP Top 10 - Do Startups Care? 

      Søhoel, Halldis M; Jaatun, Martin Gilje; Boyd, Colin Alexander (Chapter, 2018)
      In a cut-throat world where time-to-market can be the difference between success and failure, it can be tempting for startups to think “let’s get it to work first, and then we’ll worry about security later.” However, major ...
    • Principles of digitalisation and IT-OT integration 

      Hanssen, Geir Kjetil; Onshus, Tor; Jaatun, Martin Gilje; Myklebust, Thor; Ottermo, Maria Vatshaug; Lundteigen, Mary Ann (SINTEF AS (ISBN starter med 978-82-14-), Research report, 2023)
      The purpose of this report is to provide the industry with a greater understanding of ongoing digitalisation, status and challenges, and how this development should be managed going forward. This report is one of six SINTEF ...
    • Proceedings of the 3rd European Workshop on Practical Aspects of Health Informatics (PAHI 2015) 

      Cumming, Grant; French, Tara; Gilstad, Heidi; Jaatun, Martin Gilje; Jaatun, Ellen A. Andreassen (CEUR Workshop Proceedings, Research report, 2016)
    • Regulation of ICT security in the petroleum sector 

      Øien, Knut; Bodsberg, Lars; Jaatun, Martin Gilje; Myklebust, Thor; Onshus, Tor Engebret (Research report, 2023)
      The purpose of this report is to clarify how the protection of information and communication technology (ICT security) in the petroleum industry is regulated under current regulations and to shed light on the expectations ...
    • Scanning the Medical Terrain: an aid to quicker adoption of guidelines

      Jaatun, Ellen A. Andreassen; Hepburn, Leigh-Anne; Jaatun, Martin Gilje (Peer reviewed; Journal article, 2019)
      Guidelines exist in order to ensure efficient, effective and consistent provision of healthcare service. Unfortunately, existing guidelines are often not adopted in a timely manner, even to the point of being outdated at ...
    • Security Threats in Demo Steinkjer. Report from the Telenor-SINTEF collaboration project on Smart Grids 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Bartnes, Maria (SINTEF Rapport;A23351, Research report, 2012)
      This report describes security threats associated with the deployment of an Advanced Metering Infrastructure (AMI) in the Demo Steinkjer demonstration project. The description is based on the first phase of the actual smart ...
    • Software Bill of Materials in Critical Infrastructure 

      Jaatun, Lars Andreassen; Sørlien, Silje Marie; Borgaonkar, Ravishankar Bhaskarrao; Steve, Taylor; Jaatun, Martin Gilje (Chapter, 2023)
      Critical infrastructure today is comprised of cyber-physical systems, and therefore also vulnerable to cyber threats. Many of these threats come from within, through malicious code in software updates or bugs that can be ...
    • Survival by Deception 

      Jaatun, Martin Gilje; Nyre, Åsmund Ahlmann; Sørensen, Jan Tore (Journal article; Peer reviewed, 2007)
      A system with a high degree of availability and survivability can be created via service duplication on disparate server platforms, where a compromise via a previously unknown attack is detected by a voting mechanism. ...
    • The road to Hell is paved with good intentions: A story of (in)secure software development 

      Sassoon, Richard; Jaatun, Martin Gilje; Jensen, Jostein (Chapter, 2010)
      In this paper, we present the results of a security assessment performed on a home care system based on SOA, realized as web services. The security design concepts of this platform were specifically tailored to meet new ...