IoTSec:T3.2

= changes = Note: Task 3.2 will first start after M12

Task 3.2 comprises the following subtasks:
 * The IoTSec eco system (IoTSec PhD NN1 + HIG researcher) - moved moved to T4.1
 * T3.2.1 - Conflicting Incentives Risk Analysis for IoT (IoTSec PhD NN1) - like: conflicting incentives, would rather prefer to call it Incentives and Usability for IoT Security
 * T3.2.2 - Impact assessment (IoTSec PostDoc NN1) - I would see impact assessment as an industrial activity rather than research

has subtask::T3.2.1 - Conflicting Incentives Risk Analysis for IoT
This task is build on the IoTSec ecosystem established in T4.1, and analyse the conflicting incentives.

Risk management of the interface between humans and technology in an IoT setting follows the CIRA privacy risk analysis from the PETweb II project (http://petweb2.projects.nislab.no) to the design of risk-based adaptive security and privacy.

Activities: Each scenario x (0 < x < 6) identified/constructed from T3.2.1 is addressed through the following list of activities:
 * T3.2.2.x.1 Identification and analysis of privacy, cyber, information security risks for scenarios identified in T3.2.1.
 * T.3.2.2.x.2 Mechanisms to modify the perceived incentive structures such as to align stakeholder interests will be developed and analysed. This task will develop a library of utility factors suitable for an IoT setting involving critical infrastructure. Furthermore, we will ...(missing text here)
 * T3.2.2.x.3 Identify and construct stakeholder archetypes and strategy taxonomies matching the smart grid operator requirements.

Results:
 * has result::Functional description of risk platform for IoT multi-operator (M12)
 * has result::A platform for cost effective risk analysis platform based on CIRA/PETweb II results, suitable for IoT critical infrastructure projects (M24)
 * has result::Risk analysis of the system to be used by the infrastructure operators in their decision making (M36)
 * 3. A completed PhD.

Partners: Lead HIG

Deliverables: One conference article for each of the key scenarios identified. One journal article. - Comment: what are the key scenarios?

has subtask::T3.2.2 - Impact assessment
Objective:
 * Provide estimates of the impact of IoTSec research results in economic terms in a micro economic business perspective.

Activities: Identification and analysis of issues that influence the impact of project results, including
 * 1) An analysis and mapping of economic (commercial, technological, social and regulatory) incentives to invest in security controls that improve the data integrity, privacy, and service resilience in IoT for smart grids.
 * 2) A cost-benefit analysis of smart grid technologies with respect to service resilience, security data integrity and privacy. A valuation of economic value of security measures with respect to data security and privacy at macro and micro levels.
 * 3) An assessment of existing financial instruments and development of novel financial instruments to incentivize investments in security in IoT for smart grids and to distribute the risk among the stakeholders.

Results:
 * has result::A projection of the impact of technological project results, expressed in economic terms (M24)

Partners:
 * Lead HIG, NCE, ESmart Systems.

Deliverables:
 * 3 technical reports,
 * 3 conference articles.

= Discussion =
 * How to we note the deliverables?...
 * Looks like that we have a miss-match between "amount of work" and number of deliverables, T3.2.1 versus T3.2.2