Secure-NOK AS
The organisation
SecureNOK is an SME focusing on the security, privacy and economics of the Intelligent Transport Systems (ITS), Machine-2-Machine (M2M), Internet of Things (IoT) and petroleum (oil and gas) market segments. The company offers security investment tools and consultancy services, has developed a risk estimator for the O&G market and works on several projects within the M2M and IoT domains. SecureNOK is active in standardization bodies dealing with ITS, Next Generations Networks (NGN), M2M and IoT, specifically at the European Telecommunications Standards Institute ETSI (ETSI TB ITS; ETSI TB NGN, ETSI TB M2M). The company offers expertise within the following areas: security investment support, security decision support, risk estimation, security and privacy of Internet of Things (IoT) and M2M, identity management, privacy regulations, RFID, security requirements elicitation, security architecture and secure design.
Relevant skills/experience/technologies
SecureNOK has broad background within the Telecommunication and Intelligent Transport Systems domains, are active in standardization bodies (specifically the European Telecommunications Standards Institute ETSI), hold the vice chair of ETSI TISPAN WG7 (security group), have security investment expertise, as well as expertise and long background in risk assessment and management, business analysis and security standards. SNOK are also involved in expert groups on security and privacy of RFID and Smart GRID.
Role in the project
SecureNOK will lead WP7 on cross mission consolidation and the development of the SECONOMICS framework. The SECONOMICS framework will comprise a number of techniques, methods and models developed in the project and aggregated into a holistic SECONOMICS framework. SecureNOK will also provide expertise in business modelling to WP6, risk modelling and analysis to WP5 and critical infrastructure protection to the case study work packages.
Interest in project results
SecureNOK is specifically interested in the generalized version of the SECONOMICS framework and its tool support developed in WP8. SecureNOK is also interested in the risk and business modelling results of WPs 5 and 6.
Related Projects
SecureNOK is involved in a number of standardization projects of relevance, including the GRID and Intelligent Transport Systems (ITS) standardization work at ETSI. SecureNOK is involved in the privacy and security work for RFID responding to Mandate 436, security issues of M2M responding to Mandate 441 and security issues of Smart Grid responding to Mandate 460. In addition, the company has several smaller risk assessment projects related to critical infrastructure and a larger project developing a risk estimator for the Oil and Gas industry.
Key Personnel
Dr. Siv Hilde Houmb. Houmb is the director and a senior advisor in SecureNOK. Her research interests are in security trade-off analysis, security architecture, secure systems design and development, economical considerations of security, security decision support, risk assessment and security management. She received her Ph.D. from the University of Science and Technology (NTNU), Trondheim, Norway in 2007. Her PhD thesis was on decision support methodologies and techniques to choose among sets of security solutions for critical information systems. Chosen solutions must be able to balance contracted security levels, available resources, and end-user expectations while still fulfilling financial, project and development constraints. Dr. Houmb acts as a delegate in four standardization technical committees: ETSI TB TISPAN (Telecoms & Internet converged Services & Protocols for Advanced Networks (TISPAN)), ETSI TB IST (Intelligent Transport Systems), ETSI TB Cloud and ETSI TB M2M (Machine to Machine). She also works as a Special Task Force security expert at the Telecommunication standardization organization ETSI on security topics such as security assurance (Common Criteria), security requirements and architecture for IPTV, security and privacy concerns of RFID, secure and privacy preserving ITS messaging, and security aspects of the Next Generation Network (NGN) and Smart GRID.