Browsing Publikasjoner fra CRIStin - SINTEF AS by Author "Jaatun, Martin Gilje"
Now showing items 21-40 of 70
-
Deployment models: Towards eliminating security concerns from cloud computing
Zhao, Gansen; Rong, Chunming; Jaatun, Martin Gilje; Sandnes, Frode Eika (Chapter, 2010)Cloud computing has become a popular choice as an alternative to investing new IT systems. When making decisions on adopting cloud computing related solutions, security has always been a major concern. This article summarizes ... -
DevOps for Better Software Security in the Cloud
Jaatun, Martin Gilje; Cruzes, Daniela Soares; Luna, Jesus (Chapter, 2017)The DevOps paradigm means that development and operations for an organisation blend together. For security, this implies that information on detected attacks can be fed back to the development, enabling faster eradication ... -
An Empirical Study of CERT Capacity in the North Sea
Jaatun, Martin Gilje; Bodsberg, Lars; Grøtan, Tor Olav; Moe, Marie Elisabeth Gaup (Chapter, 2020)This paper documents the results of an empirical study of cyber incident response readiness in the Norwegian petroleum industry. The study addressed the Computer Emergency Response Team (CERT) capacity among various actors ... -
Evaluering av NVEs veileder til sikkerhet i AMS : NVE-Veileder nr. 7/2012
Sæle, Hanne; Bartnes, Maria; Høverstad, Boye Annfelt; Jaatun, Martin Gilje (SINTEF Energi. Rapport;, Research report, 2017) -
Exploring the need for a CERT for the Norwegian Construction Sector
Skytterholm, Andrea Neverdal; Jaatun, Martin Gilje (Chapter, 2023)This paper presents an empirical study on the need for sector-specific CERT capacity in the Norwegian construction sector. Findings from the interviews demonstrate a need for developing competence in ICT security in this ... -
Five Things You Should Not Use Blockchain For
Jaatun, Martin Gilje; Haro, Peter; Frøystad, Christian (Chapter, 2020)The Bitcoin fever notwithstanding, the underlying blockchain technology cannot solve all data exchange and product needs, as some seem to believe. This paper provides examples of problems that we believe are poorly suited ... -
Fleksibel nettdrift : resultater fra piloter i FlexNett-prosjektet
Istad, Maren Kristine; Sæle, Hanne; Jaatun, Martin Gilje (SINTEF Rapport;, Research report, 2018)Denne rapporten er et resultat fra Flex-Nett-prosjektet (2015-2018)og oppsummerer resultatene fra demoer hos BKK Nett knyttet til fleksibel nettdrift. Oppdragsgiver: FlexNett-prosjektet -
A Framework Addressing Challenges in Cybersecurity Testing of IoT Ecosystems and Components
Taylor, Steve; Jaatun, Martin Gilje; McGibney, Alan; Seidl, Robert; Hrynchenko, Pavlo; Prosvirin, Dmytro; Mancilla, Rosella (Chapter, 2024)This paper describes challenges within IoT ecosystems from the perspective of cybersecurity testing along with a proposed approach to address them that will be investigated in a recently started Horizon Europe project named ... -
Identification of cyber threats and vulnerabilities in Norwegian distribution networks
Jaatun, Martin Gilje; Foros, Jørn; Istad, Maren Kristine (Chapter, 2024)This paper presents cyber threats and vulnerabilities in Norwegian power distribution networks identified from historical incidents and practical experiences over the last decade. -
IKT og sikkerhet i VA-sektoren: Hva kan gå galt?
Tøndel, Inger Anne; Jaatun, Martin Gilje; Røstum, Jon (Others, 2013)Bruk av IKT gir flere gevinster for VA-sektoren, i form av bedre oversikt og mer effektiv drift. Samtidig fører økt bruk av IKT til at sektoren må forholde seg til trusler også mot IKT-systemene. Denne artikkelen gir en ... -
Implications of Cyber Security to Safety Approval in Railway
Okstad, Eivind Halvard; Bains, Robert; Myklebust, Thor; Jaatun, Martin Gilje (Chapter; Peer reviewed, 2021)The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in ... -
Implications of Cyber Security to Safety Approval in Railway
Okstad, Eivind Halvard; Bains, Robert; Myklebust, Thor; Jaatun, Martin Gilje (Chapter, 2021)The railway domain has a justifiable preoccupation with safety, but less of a focus on cyber security. This could result in the risk of cyber security flaws in current railway systems being unacceptably high. However, in ... -
Incident Response Management in the oil and gas industry
Jaatun, Martin Gilje; Johnsen, Stig Ole; Bartnes, Maria; Longva, Odd Helge; Tøndel, Inger Anne; Albrechtsen, Eirik; Wærø, Irene (, Research report, 2007)Incident Response is the process of responding to and handling ICT security related incidents involving infrastructure and data. This has traditionally been a reactive approach, focusing mainly on technical issues. Incident ... -
Interdependencies and Reliability in the Combined ICT and Power System: An overview of current research
Tøndel, Inger Anne; Foros, Jørn; Kilskar, Stine Skaufel; Hokstad, Per Richard; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2017)The smart grid vision implies extensive use of ICT in the power system, enabling increased flexibility and functionality and thereby meeting future demands and strategic goals. Consequently, power system reliability will ... -
Learning From Software Security Testing
Tøndel, Inger Anne; Jaatun, Martin Gilje; Jensen, Jostein (Chapter, 2008)Software security testing tools and methodologies are presently abundant, and the question no longer seems to be ``if to test'' for security, but rather ``where and when to test'' and ``then what?''. In this paper we present ... -
Leverandørkjedesikkerhet - Relevante krav for nettselskapers innkjøpsprosesser
Jaatun, Martin Gilje; Sæle, Hanne (SINTEF Rapport;2023:00121, Research report, 2023)Denne rapporten presenterer resultater fra gjennomgang av tidligere NVE‐rapporter rundt temaet leverandørkjedesikkerhet, supplert med et litteratursøk blant nyere akademisk litteratur og diskusjoner med et lite utvalg av ... -
A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams
Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Peer reviewed; Journal article, 2017)Although most organizations understand the need for application security at an abstract level, achieving adequate software security at the sharp end requires taking bold steps to address security practices within the ... -
A method for threat modelling of industrial control systems
Flå, Lars; Jaatun, Martin Gilje (Chapter, 2024)In this paper, we propose a new method for threat modelling of industrial control systems (ICS). The method is designed to be flexible and easy to use. Model elements inspired by IEC 62443 and Data Flow Diagrams (DFD) are ... -
Modenhetskartlegging av programvaresikkerhet i offentlige virksomheter
Jaatun, Martin Gilje; Tøndel, Inger Anne; Cruzes, Daniela Soares (Research report, 2015)Difi ønsker å få en kartlegging av modenhet knyttet til informasjonssikkerhet i utvikling og anskaffelser av IKT-løsninger i offentlig sektor. Denne rapporten beskriver resultatene fra en spørreundersøkelse knyttet til i ... -
Modenhetsmodell for innebygd sikkerhet (BSIMM). Måling av programvaresikkerhetsaktiviteter i utviklingsorganisasjoner
Jaatun, Martin Gilje (, Research report, 2016)Dette dokumentet inneholder norske oversettelser av aktivitetene beskrevet i Building Security In Maturity Model (BSIMM), lett omarbeidet fra bloggen http://infosec.sintef.no. Teksten er basert på BSIMM-V, men aktivitets ...