The aim of the DIAMONDS project was to strengthen the ability of Norwegian companies to face the new security challenges posed by the future internet by transferring state-of-the-art security assessment techniques to the industry. In particular, we developed industrial guidelines and a supporting framework to help businesses find a balanced approach within the three-dimensional space of invested effort, security testing and risk analysis. Security testing is a widely used technique for assessment. It is one of the few techniques that can be used to gain confidence that a system (not just its specification) together with its environment (e.g., operating system, network, and legacy code) is secure. Security testing is particularly useful in light of the dynamic and evolving multi-domain of trust envisioned by the future internet where, for instance, end users are more and more empowered and therefore decide (often on the fly) how content and services are shared and composed.
The challenge with security testing, however, is that only some aspects of a system can be tested. In response to this, we advocate the notion of risk-based testing. Its main idea is to use risk analysis to identify and prioritize those important parts of systems that need to be tested. One of the key challenges of risk-based testing is to relate risk analysis results at a high level of abstraction (e.g., business level) to test cases at a low level of abstraction (e.g., implementation level). A particular challenge addressed by the DIAMONDS project was how to relate risks and security test cases to facilitate assurance and maintenance in the multi-domain created by the fragmentation of trust boundaries as envisioned by the future internet.
In practice, security assessments are always constrained by cost and time. The effort available for doing a security assessment can vary a great deal depending on, e.g., the target of analysis and the business process, yet effort is one of the most important factors for determining the scope, depth, and (aspects of) techniques used for the security assessment. Any general technique for security assessment which fails to take effort into account is not likely to be very practical. The technologies developed by the DIAMONDS project therefore have a strong emphasis on effort-dependence.