Successful EU-projects for universities and
research institutes: Some key properties
Ketil Stølen
SINTEF ICT
University of Oslo
UiO October 5, 2005
ICT
My EU-project experiences
- CORAS (IST-2000-25031)
  - 5th Framework EU project
  - Full title: A platform for risk analysis of security critical systems
- iTrust (IST-2001-34910)
  - 5th Framework EU project
  - Full title: Working group on trust management in dynamic open systems
- TrustCoM (01945)
  - 6th Framework EU integrated project under priority IST-2002-2.3.1.9 (Networked Businesses and Governments)
  - Full title: A trust and contract management framework enabling secure collaborative business processing in on-demand created, self-managed, scalable, and highly dynamic virtual organisations

CORAS basics
January 2001 -> July 2003
Budget 4,8 million EURO
Trials within e-commerce and telemedicine
NORWAY
- SINTEF
- Telenor
- NCT
- IFE
- NR
UK
- QMUL
- CLRC
GERMANY
- Solinet
GREECE
- CTI
- Intracom
- FORTH

Challenges addressed by CORAS
- How to deploy security technology correctly
  - The basic technology is there
  - The systems are nevertheless not secure
- How to identify the right level of security
  - Not more security than required
- How to ensure the specified level of security
- How to handle security as an integrated part of system development
  - Security should not be an add-on after the system has been completed

System development and risk analysis
[Figure: a use case diagram (registered user, login, Customer database), a misuse case diagram (misuser, unauthorised login, Customer database) and the complete use case diagram containing both. Further labels: Requirements, Functionality, Risks, Vulnerability, User, Misuser.]

Model-based risk assessment
[Figure relating risk assessment and graphical modeling to model-based risk assessment. Labels: graphical models as media for communication; precise input at the right level of abstraction; documentation of assessment results and assumptions.]

Interested in CORAS results?
- Computerized tool and full methodology available as open source (LGPL-license):
  - http://coras.sourceforge.net/
- CORAS language for threat modelling standardized by Object Management Group (OMG) as part of the UML Profile for Modeling Quality of Service and Fault Tolerance Characteristics and Mechanisms

Experiences
- Applying for a project
- Managing a project
- Exploiting the results of a project

APPLYING: Quality of the consortium
- Must have industrial technology providers, research institutions and end users
- The different partners should be assigned relevant tasks
- Industrial project management preferred
- Industrial involvement in exploitation required!
- SMEs are preferred
  - May contradict potential impact
- Respected academic partners are good
  - Many academics among the reviewers
- Include figure to illustrate complementarity of partners
- Also geographic spread is an issue

APPLYING: Potential impact
- A clear added-value of running the project at the European level? Strengthen competitiveness? Solving societal problems?
- Must have a good exploitation plan
  - Both academic (publications) and industrial (flyers, ...)
- Influential player in the field appreciated
  - Standardisation or open source efforts may compensate
- Should argue for importance of topic
  - Quotes from other sources stating the importance of the topic are good

APPLYING: S&T excellence
- Must have clearly defined objectives
  - Many unfocussed proposals
- Good research method
  - Suitable to reach the objectives
  - Case studies are welcome
  - WP description consulted, but B1 is most important
  - Include a figure to illustrate method/dependencies between WPs
- Must have state-of-the-art overview
  - Should argue that the consortium knows and will use state-of-the-art, and should point to areas where progress to state-of-the-art will be made
  - Include references to own publications/products, expand in partner presentation

APPLYING: Management
- Difficult to evaluate
  - Almost everyone has a reasonable management structure
  - Project co-ordinator, technical co-ordinator, project board, WP leaders, …
  - Include figure to illustrate!
- Each partner should have some management resources in the work plan
  - Not only prime
- Experienced co-ordinators appreciated (include CVs!)
- A plan for management of IPR, knowledge and innovation-related activities is very much appreciated!

APPLYING: Additional advice
- Write good English; keep one layout
- Length constraints are not absolute
- Include a table showing partner involvement per WP
- Refer to your own work in S&T excellence, detail further in the partner description sections
- Include #employees in the partner descriptions
  - (if more than 15…)
- If training is included: Specify clearly the target audience
- Focus on developing new technology, not on applying new technology in a new domain

MANAGEMENT: Overall
- Maintain good relationship with the Commission
- Make sure management is sufficiently funded
- Consortium agreement is important
- However: make sure the technical people are in control
  - Technical manager in addition to administrative manager
- Make sure there is a steering committee of partner representatives that are not involved in the technical work
- Do not invent unnecessary rules and administration

MANAGEMENT: Technical
- Person management just as important as technical management
- Identify the hidden agendas (each partner has one)
- Don’t kick the dead bodies (unless you have to)
- Face-to-face meetings important; as well as group-work
- Plan the meetings carefully
- Don’t be afraid of re-organising
- Find the strong people and put them in key positions
- Try to create enthusiasm
- Paper writing important
- Make use of a trial-driven research process

TRIAL based
[Figure. Labels: Establishment; 1st, 2nd and 3rd R&D Phase; CORAS tools and methodology; Standards; IT system; systems; organisational, business and technical context. Arrow labels: inputs, drives, used, results, addresses.]

EXPLOITATION: General
- Make sure you have something concrete in the end; e.g. a tool
- Make sure the results are published
- Don’t hide things away
- Look for possibilities
- Maintain your contacts

EXPLOITATION: How we continued
CORAS
- iTrust (IST-2001-34910)
  - 5th Framework EU
  - Full title: Working group on trust management in dynamic open systems
- SECURIS (152839/220)
  - Funded by the Research Council of Norway as a Competence Project with User-Involvement
  - Full title: Model-driven development and analysis of secure information systems
- TrustCoM (01945)
  - 6th Framework EU integrated project under priority IST-2002-2.3.1.9 (Networked Businesses and Governments)
  - Full title: A trust and contract management framework enabling secure collaborative business processing in on-demand created, self-managed, scalable, and highly dynamic virtual organisations
- ENFORCE (164382/V30)
  - Funded by the Research Council of Norway under the ICT SOS Research programme
  - Full title: Tool supported methodology for the formalization, analysis and enforcement of policies within trust management

Conclusions
- EU projects are challenging, but rewarding!
- If you are a beginner, make sure you have some experienced people in the team
- Proposal writing is time-consuming: get involved only if you have to, and then be prepared to do it yourself
- I’m not sure courses are the right thing
- I had some sleepless nights, but CORAS went very well in the end
- My current research group of 10+ people is funded on the CORAS results
- Look for possibilities; think positive
- EU projects give you many possibilities