The information security innovation programme researches and develops methods to manage, analyse and ensure the security of software-intensive systems. The central themes of the programme are as follows:
1) Software security assurance: Research and develop methods and tools which can be used in various phases of the software life cycle to assure that an adequate level of security has been reached. These methods and tools should be such their use can be cost efficiently integrated into the software development process.
2) Trustworthy platforms: Research and develop platforms and platform services on which secure applications and services can be developed.
3) Security monitoring and enforcement: Develop methods and tools for monitoring and enforcing the security of operational systems.
In addition to the above technology themes, as a cross-issue, methods and tools to analyse and manage information security risks are researched and developed. In connection with this work, threat and vulnerability analysis are also part of the research agenda.
The work is motivated by the vision that computing will be pervasive in the modern information society. Every conceivable activity or phenomenon will be transformed into an informational entity that can be memorised and acted upon. Thus, the secure functioning of the software-intensive systems processing these informational entities will be critical for the well-being of mankind and the peaceful development of society.
In the first stage the results of the programme will benefit the ICT industry, especially software development companies and manufacturers of software intensive systems.