Christian Raspotnig is conducting research on how safety and security can be modeled in the early requirements activities in the development of information systems. This is done in the ReqSec project, which is a joint project between the University of Bergen and the Norwegian University of Science and Technology, financed by the Norwegian Research Council.
Christian's work is based on existing modeling techniques from the early phases of the development life cycle and investigates how these can be further developed and specialized for security and safety. This is evaluated with industrial partners within the air traffic management industry, exploring how new modeling techniques can enhance or replace existing parts of the mandatory safety and security analyses.
Traditional techniques for analyzing the safety of information systems during development are mainly based on using models of the system as input, but there are few techniques that model how the system can fail and thus lead to hazardous situations. The techniques that do model this offer only a loose relation back to the models of the system. Within the security domain, however, there is a trend to model not only the system to be developed, but also the system's vulnerabilities, how these can be exploited in an attack, and what steps can mitigate this. Christian's part of the ReqSec project also looks at similarities and differences between the safety and security fields in terms of what these two fields can learn from each other. The outcome of this work is a new modeling method, which combines safety and security aspects in the development of information systems.