Report on ESUMS Risk Analysis
MetadataShow full item record
Original versionSINTEF Rapport A23344, 49 p. SINTEF, 2012
This report documents the results of the first case study in the FRISK project, namely a risk analysis. The target of analysis is the ESUMS (Enhanced Sustained Use Monitoring System) prototype system and services for remote patient monitoring. The risk analysis was conducted using the CORAS framework for model-driven risk analysis over a timespan of 10 weeks, and included six workshops. The analysis team consisted of five people, including one analysis leader and two experts in the ESUMS domain. The risk analysis focused on security needs of stakeholders, addressing properties such as confidentiality, integrity and availability of critical information, as well as privacy and data protection. In addition to this, the analysis considered compliance with data protection laws and regulations, as well as service provisioning, i.e. the ability of the system and the service provider to maintain the expected level of service.