Caulfield, T;
Ilau, M-C;
Pym, D;
(2022)
Found in Translation: Co-design for Security Modelling.
In:
Socio-Technical Aspects in Security: 11th International Workshop, STAST 2021.
(pp. pp. 108-128).
ACM: Virtual Event.
Preview |
Text
STAST_Modelling_Paper.pdf - Accepted Version Download (421kB) | Preview |
Abstract
Background. In increasingly complex and dynamic environments, it is difficult to predict potential outcomes of security policies. Therefore, security managers (or other stakeholders) are often challenged with designing and implementing security policies without knowing the consequences for the organization. Aim. Modelling, as a tool for thinking, can help identify those consequences in advance as a way of managing decision-making risks and uncertainties. Our co-design approach aims to tackle the challenges of problem definition, data availability, and data collection associated with modelling behavioural and cultural aspects of security. Method. Our process of modelling co-design is a proposed solution to these challenges, in particular for models aiming to incorporate organizational security culture. We present a case study of a long-term study at Company A, where using the methods of participatory action research, humble inquiry, and thematic analysis, largely shaped our understanding of co-design. We reflect on the methodological advantages of co-design, as well as shortcomings. Result. Our methodology engages modellers and system stakeholders through a four-stage co-design process consisting of (1) observation and candidate data availability, (2) candidate model design, (3) interpretation of model consequences, and (4) interpretation of domain consequences. Conclusion. We have proposed a new methodology by integrating the concept of co-design into the classical modelling cycle and providing a rigorous methodology for the construction of models that captures the system and its behaviours accurately. We have also demonstrated what an attempt at co-design looks like in the real-world, and reflected upon necessary improvements.
| Type: | Proceedings paper |
|---|---|
| Title: | Found in Translation: Co-design for Security Modelling |
| Event: | 11th Workshop on Socio-Technical Aspects in Security |
| Location: | Darmstadt, Germany |
| Dates: | 8th October 2021 |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1007/978-3-031-10183-0_6 |
| Publisher version: | https://doi.org/10.1007/978-3-031-10183-0_6 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10136726 |
Archive Staff Only
 |
View Item |
