Blar i Publikasjoner fra CRIStin - SINTEF AS på forfatter "Jaatun, Martin Gilje"

Viser treff 21-40 av 66

    • Deployment models: Towards eliminating security concerns from cloud computing 

      Zhao, Gansen; Rong, Chunming; Jaatun, Martin Gilje; Sandnes, Frode Eika (Chapter, 2010)
      Cloud computing has become a popular choice as an alternative to investing new IT systems. When making decisions on adopting cloud computing related solutions, security has always been a major concern. This article summarizes ...

    • DevOps for Better Software Security in the Cloud 

      Jaatun, Martin Gilje; Cruzes, Daniela Soares; Luna, Jesus (Chapter, 2017)
      The DevOps paradigm means that development and operations for an organisation blend together. For security, this implies that information on detected attacks can be fed back to the development, enabling faster eradication ...

    • An Empirical Study of CERT Capacity in the North Sea 

      Jaatun, Martin Gilje; Bodsberg, Lars; Grøtan, Tor Olav; Moe, Marie Elisabeth Gaup (Chapter, 2020)
      This paper documents the results of an empirical study of cyber incident response readiness in the Norwegian petroleum industry. The study addressed the Computer Emergency Response Team (CERT) capacity among various actors ...

    • Evaluering av NVEs veileder til sikkerhet i AMS : NVE-Veileder nr. 7/2012 

      Sæle, Hanne; Bartnes, Maria; Høverstad, Boye Annfelt; Jaatun, Martin Gilje (SINTEF Energi. Rapport;, Research report, 2017)

    • Exploring the need for a CERT for the Norwegian Construction Sector 

      Skytterholm, Andrea Neverdal; Jaatun, Martin Gilje (Chapter, 2023)
      This paper presents an empirical study on the need for sector-specific CERT capacity in the Norwegian construction sector. Findings from the interviews demonstrate a need for developing competence in ICT security in this ...

    • Five Things You Should Not Use Blockchain For 

      Jaatun, Martin Gilje; Haro, Peter; Frøystad, Christian (Chapter, 2020)
      The Bitcoin fever notwithstanding, the underlying blockchain technology cannot solve all data exchange and product needs, as some seem to believe. This paper provides examples of problems that we believe are poorly suited ...

    • Fleksibel nettdrift : resultater fra piloter i FlexNett-prosjektet 

      Istad, Maren Kristine; Sæle, Hanne; Jaatun, Martin Gilje (SINTEF Rapport;, Research report, 2018)
      Denne rapporten er et resultat fra Flex-Nett-prosjektet (2015-2018)og oppsummerer resultatene fra demoer hos BKK Nett knyttet til fleksibel nettdrift. Oppdragsgiver: FlexNett-prosjektet

    • IKT og sikkerhet i VA-sektoren: Hva kan gå galt? 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Røstum, Jon (Others, 2013)
      Bruk av IKT gir flere gevinster for VA-sektoren, i form av bedre oversikt og mer effektiv drift. Samtidig fører økt bruk av IKT til at sektoren må forholde seg til trusler også mot IKT-systemene. Denne artikkelen gir en ...

    • Implications of Cyber Security to Safety Approval in Railway 

      Okstad, Eivind Halvard; Bains, Robert; Myklebust, Thor; Jaatun, Martin Gilje (Chapter; Peer reviewed, 2021)
      The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in ...

    • Implications of Cyber Security to Safety Approval in Railway 

      Okstad, Eivind Halvard; Bains, Robert; Myklebust, Thor; Jaatun, Martin Gilje (Chapter, 2021)
      The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in ...

    • Incident Response Management in the oil and gas industry 

      Jaatun, Martin Gilje; Johnsen, Stig Ole; Bartnes, Maria; Longva, Odd Helge; Tøndel, Inger Anne; Albrechtsen, Eirik; Wærø, Irene (, Research report, 2007)
      Incident Response is the process of responding to and handling ICT security related incidents involving infrastructure and data. This has traditionally been a reactive approach, focusing mainly on technical issues. Incident ...

    • Interdependencies and Reliability in the Combined ICT and Power System: An overview of current research 

      Tøndel, Inger Anne; Foros, Jørn; Kilskar, Stine Skaufel; Hokstad, Per Richard; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2017)
      The smart grid vision implies extensive use of ICT in the power system, enabling increased flexibility and functionality and thereby meeting future demands and strategic goals. Consequently, power system reliability will ...

    • Learning From Software Security Testing 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Jensen, Jostein (Chapter, 2008)
      Software security testing tools and methodologies are presently abundant, and the question no longer seems to be ``if to test'' for security, but rather ``where and when to test'' and ``then what?''. In this paper we present ...

    • Leverandørkjedesikkerhet - Relevante krav for nettselskapers innkjøpsprosesser 

      Jaatun, Martin Gilje; Sæle, Hanne (SINTEF Rapport;2023:00121, Research report, 2023)
      Denne rapporten presenterer resultater fra gjennomgang av tidligere NVE‐rapporter rundt temaet leverandørkjedesikkerhet, supplert med et litteratursøk blant nyere akademisk litteratur og diskusjoner med et lite utvalg av ...

    • A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams 

      Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Peer reviewed; Journal article, 2017)
      Although most organizations understand the need for application security at an abstract level, achieving adequate software security at the sharp end requires taking bold steps to address security practices within the ...

    • A method for threat modelling of industrial control systems 

      Flå, Lars; Jaatun, Martin Gilje (Chapter, 2024)
      In this paper, we propose a new method for threat modelling of industrial control systems (ICS). The method is designed to be flexible and easy to use. Model elements inspired by IEC 62443 and Data Flow Diagrams (DFD) are ...

    • Modenhetskartlegging av programvaresikkerhet i offentlige virksomheter 

      Jaatun, Martin Gilje; Tøndel, Inger Anne; Cruzes, Daniela Soares (Research report, 2015)
      Difi ønsker å få en kartlegging av modenhet knyttet til informasjonssikkerhet i utvikling og anskaffelser av IKT-løsninger i offentlig sektor. Denne rapporten beskriver resultatene fra en spørreundersøkelse knyttet til i ...

    • Modenhetsmodell for innebygd sikkerhet (BSIMM). Måling av programvaresikkerhetsaktiviteter i utviklingsorganisasjoner 

      Jaatun, Martin Gilje (, Research report, 2016)
      Dette dokumentet inneholder norske oversettelser av aktivitetene beskrevet i Building Security In Maturity Model (BSIMM), lett omarbeidet fra bloggen http://infosec.sintef.no. Teksten er basert på BSIMM-V, men aktivitets ...

    • Needs and Challenges Concerning Cyber-Risk Assessment in the Cyber-Physical Smart Grid 

      Erdogan, Gencer; Tøndel, Inger Anne; Tokas, Shukun; Garau, Michele; Jaatun, Martin Gilje (Chapter, 2022)
      Cyber-risk assessment methods are used by energy companies to manage security risks in smart grids. However, current standards, methods and tools do not adequately provide the support needed in practice and the industry ...

    • Oppfølging av arbeidsseminar om IKT-sikkerhet i Integrerte Operasjoner 

      Jaatun, Martin Gilje; Johnsen, Stig Ole; Bartnes, Maria; Longva, Odd Helge (Research report, 2007)
      Den 30/11-2006 ble det på initiativ fra SINTEF avholdt et arbeidsseminar om IKT-sikkerhet i integrerte operasjoner hos Oljedirektoratet (OD) og Petroleumstilsynet (Ptil) i Stavanger, hvor også Oljeindustriens Landsforening ...