Investigating Preferences in Graphical Risk Modeling

In a security analysis it is often helpful to draw diagrams to illustrate threat and risk scenarios. To ensure the effectiveness of such diagrams, it is essential that they are easily understood by people without training and experience in modeling and security analysis. In this report we present an empirical investigation of the risk modeling preferences among professionals and students in software engineering.The objective of the investigation was to identify the preferred way of refining an existing diagrammatic security risk modeling language without making it more difficult to understand. Our empirical investigation showed that mechanisms like size- and color coding used for conveying particular information in geographical models are less preferred by the subjects compared to textual information labels. The size or color of an element does not in general have any unique interpretation in a diagram, while textual information is more specific and self-explaining. The conclusion is that the subjects tend to prefer the representation where they get the most information without requiring them to interpret any additional graphical means. Oppdragsgiver: Norges Forskningsråd