Skip to Main Content
Despite a long standing need to incorporate human factors into security risk analysis, taking a balanced approach to analysing security and usability concerns remains a challenge. Balancing security and usability is difficult due to human biases in security perception, and managing the sheer volume of data arising from risk and task analysis. This paper presents an approach for qualitatively and quantitively analysing and visualising the results of risk and task analysis. We demonstrate this approach using a realistic example, and we discuss how these techniques fit within the larger context of secure systems design.