EMFASE -- An Empirical Framework for Security Design and Economic Trade-off

Evaluation and validation methodologies are integral parts of Air Traffic Management (ATM). They are well understood for safety, environment and other Key Performance Areas, for which operational validation guidelines are well defined and widely used. In contrast, the effectiveness of risk assessment methods and practices for security, as well as their comparative evaluation is largely uncharted territory. There is limited information about the degree the practices and their corresponding activities provide security and whether or not they give return on investment. The "Empirical Framework for Security Design and Economics Trade-off" (EMFASE) project is investigating the above questions by applying different risk assessment methods on different application scenarios, such as the Remotely Operated Tower, and by evaluating them with respect to their performance, security impact, usability, and economy. In this paper we report the preliminary work carried out in EMFASE about the elicitation of a set of ATM relevant evaluation criteria for the comparison and assessment of the risk assessment methods under study and a brief description of the first set of experiments carried out.