Results and Future Research
The TREsPASS project ended in October 2016 after four productive years, and had its successful final review in January 2017. The project resulted in a large number of publications and deliverables, tools, and of course some future research directions.
Please note that not all results, especially tools, are available online yet, since they undergo clearing at the responsible partners. To be notified as tools become available, please subscribe to our newsletter.
Publications and Deliverables
A series of 3 books provides an excellent overview of the results of the TREsPASS project:
- Book 1 provides the project context to the TREsPASS Summer School and introduces the TREsPASS visualisation approach - in particular our approach to gathering data on social aspects of risk (the topic of the Summer School).
- Book 2 presents the Summer School talks.
- Book 3 explains the underpinning philosophy of the engagement process used at the Summer School and how we have developed this process during the TREsPASS project.
The main training activity developed by the TREsPASS project is the engagement process described in Book 3 of the series mentioned above. The material to be used in a specific setting will depend on the context, but the principles developed should be applicable.
The source code for tools developed within the TREsPASS project is available from github.
Executables can be accessed through the TREsPASS Tools platform or through a virtual machine available from https://github.com/itrust-consulting/trespass-vm. Deliverable D6.4.3 describes the process for obtaining access to the TRESPASS platform and user interface as wellas installation information for the vm image.
Please note that some tools still undergo clearing at the responsible partners. As more tools become available, notfications will be sent via the project's newsletter.
Future Research Directions
Of course even a four year project can only provide answers to some questions. The tools and analyses developed in the TREsPASS project form an excellent basis for future research. Below we discuss some directions how to extend the project results.
The TREsPASS attack navigator depends to a large part on the availability of data, the socio-technical security model, and the identified attacks. Future research should investigate the connection between model components and their properties, and properties of attacks. Data models, describing relation and dependencies between actors, actions, and assets, could be one way to model and understand the influence of countermeasures on the modelled organisation, and vice versa.
To explore these relations, it would be interesting to integrate the model-based approach with a data-driven (statistical) approach, where both the quantitative data as well as parts of the structural attack tree are learnt automatically by data analysis. Also a further integration of the various modalities (probability, real and stochastic time) into a unified framework, including the required analysis, or a systematic exploration of game semantics and game strategy resolution algorithms for analysis and optimisation of security models, are expected to lead to interesting insights. Through a further integration of security analysis through attack trees into other aspects of reliability engineering, such as safety analysis and maintenance strategies, one could then obtain a full picture of risks and costs of sociotechnical systems.
To extend the amount of interaction and understand their impact, it is an interesting area to look into further development of the creative securities approach in order to extend the capabilities of the physical modelling techniques and integrate them further into security practices. Contributing to this understanding would also be the theoretical exploration of the connections between ontological and technological security. Finally, to link the analysis and the data collection phases, it is interesting to develop the analytical techniques used in association with creative security data gathering processes.
From a process point of view, the main follow-up research activities involve integrating TREsPASS-like tools and methodology into real risk assessment frameworks and projects. As the results of TREsPASS are extensive, there is ample opportunity for these activities, which are expected to give feedback for future evolvement of tools and processes for analytic risk assessment. Several TREsPASS partners (especially industrial ones) will continue applying TREsPASS concepts and toolchains in their work.