We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CY

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Computers and Society

Title: SMART: a Technology Readiness Methodology in the Frame of the NIS Directive

Abstract: An ever shorter technology lifecycle engendered the need for assessing new technologies w.r.t. their market readiness. Knowing the Technology readiness level (TRL) of a given target technology proved to be useful to mitigate risks such as cost overrun, product roll out delays, or early launch failures. Originally developed for space programmes by NASA, TRL became a de facto standard among technology and manufacturing companies and even among research funding agencies. However, while TRL assessments provide a systematic evaluation process resulting in meaningful metric, they are one dimensional: they only answer the question if a technology can go into production. Hence they leave an inherent gap, i.e., if a technology fulfils requirements with a certain quality. This gap becomes intolerable when this metric is applied software such as technological cybersecurity measures. With legislation such as the General Data Protection Regulation4 (GDPR) and the Network and Information Systems Directive5 (NIS-D) making reference to state of the art when requiring appropriate protection measures, software designers are faced with the question how to measure if a technology is suitable to use. We argue that there is a potential mismatch of legal aim and technological reality which not only leads to a risk of non-compliance, but also might lead to weaker protected systems than possible. In that regard, we aim to address the gaps identified with existing Technology Readiness Assessment (TRA)s and aim to overcome these by developing standardised method which is suitable for assessing software w.r.t. its market readiness and quality (in sum maturity).
Comments: 1 figure
Subjects: Computers and Society (cs.CY); Social and Information Networks (cs.SI)
Cite as: arXiv:2201.00546 [cs.CY]
  (or arXiv:2201.00546v1 [cs.CY] for this version)

Submission history

From: Stefan Schiffner [view email]
[v1] Mon, 3 Jan 2022 09:31:59 GMT (3148kb,D)

Link back to: arXiv, form interface, contact.