Endre søk
Begrens søket
12 1 - 50 of 69
RefereraExporteraLink til resultatlisten
Permanent link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Treff pr side
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Forfatter A-Ø
  • Forfatter Ø-A
  • Tittel A-Ø
  • Tittel Ø-A
  • Type publikasjon A-Ø
  • Type publikasjon Ø-A
  • Eldste først
  • Nyeste først
  • Skapad (Eldste først)
  • Skapad (Nyeste først)
  • Senast uppdaterad (Eldste først)
  • Senast uppdaterad (Nyeste først)
  • Disputationsdatum (tidligste først)
  • Disputationsdatum (siste først)
  • Standard (Relevans)
  • Forfatter A-Ø
  • Forfatter Ø-A
  • Tittel A-Ø
  • Tittel Ø-A
  • Type publikasjon A-Ø
  • Type publikasjon Ø-A
  • Eldste først
  • Nyeste først
  • Skapad (Eldste først)
  • Skapad (Nyeste først)
  • Senast uppdaterad (Eldste først)
  • Senast uppdaterad (Nyeste først)
  • Disputationsdatum (tidligste først)
  • Disputationsdatum (siste først)
Merk
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 1.
    Andreasson, Annika
    et al.
    KTH Royal Institute of Technology, Sweden.
    Artman, Henrik
    KTH Royal Institute of Technology, Sweden.
    Brynielsson, Joel
    KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    A Census of Swedish Government Administrative Authority Employee Communications on Cybersecurity during the COVID-19 Pandemic2020Inngår i: 2020 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), IEEE, 2020Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Cybersecurity is the backbone of a successful digitalization of society, and cyber situation awareness is an essential aspect of managing it. The COVID-19 pandemic has sped up an already ongoing digitalization of Swedish government agencies, but the cybersecurity maturity level varies across agencies. In this study, we conduct a census of Swedish government administrative authority communications on cybersecurity to employees at the beginning of the COVID-19 pandemic. The census shows that the employee communications in the beginning of the pandemic to a greater extent have focused on first-order risks, such as video meetings and telecommuting, rather than on second-order risks, such as invoice fraud or social engineering. We also find that almost two thirds of the administrative authorities have not yet implemented, but only initiated or documented, their cybersecurity policies.

  • 2.
    Axelsson, Jakob
    et al.
    RISE - Research Institutes of Sweden, ICT, SICS.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Carlson, Jan
    Mälardalen University, Sweden.
    Sentilles, Severine
    Mälardalen University, Sweden.
    Cicchetti, Antonio
    Mälardalen University, Sweden.
    Towards the architecture of a decision support ecosystem for system component selection2017Inngår i: 11th Annual IEEE International Systems Conference, SysCon 2017 - Proceedings, 2017Konferansepaper (Fagfellevurdert)
    Abstract [en]

    When developing complex software-intensive systems, it is nowadays common practice to base the solution partly on existing software components. Selecting which components to use becomes a critical decision in development, but it is currently not well supported through methods and tools. This paper discusses how a decision support system for this problem could benefit from a software ecosystem approach, where participants share knowledge across organizations both through reuse of analysis models, and through partially disclosed past decision cases. We show how the ecosystem architecture becomes fundamental to deal with efficient knowledge sharing, while respecting constraints on integrity of intellectual property. A concrete architecture proposal is outlined, which is a web-based distributed system-of-systems. Experiences of a proof-of-concept implementation are also described.

  • 3.
    Badampudi, Deepika
    et al.
    Blekinge Institute of Technology, Sweden.
    Wnuk, Krzysztof
    Blekinge Institute of Technology, Sweden.
    Wohlin, Claes
    Blekinge Institute of Technology, Sweden.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Smite, Darja
    Blekinge Institute of Technology, Sweden.
    Cicchetti, Antonio
    Mälardalen University, Sweden.
    A decision-making process-line for selection of software asset origins and components2018Inngår i: Journal of Systems and Software, ISSN 0164-1212, E-ISSN 1873-1228, Vol. 135, nr January, s. 88-104Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Selecting sourcing options for software assets and components is an important process that helps companies to gain and keep their competitive advantage. The sourcing options include: in-house, COTS, open source and outsourcing. The objective of this paper is to further refine, extend and validate a solution presented in our previous work. The refinement includes a set of decision-making activities, which are described in the form of a process-line that can be used by decision-makers to build their specific decision-making process. We conducted five case studies in three companies to validate the coverage of the set of decision-making activities. The solution in our previous work was validated in two cases in the first two companies. In the validation, it was observed that no activity in the proposed set was perceived to be missing, although not all activities were conducted and the activities that were conducted were not executed in a specific order. Therefore, the refinement of the solution into a process-line approach increases the flexibility and hence it is better in capturing the differences in the decision-making processes observed in the case studies. The applicability of the process-line was then validated in three case studies in a third company

  • 4.
    Bahsi, Hayretdin
    et al.
    Tallinn University of Technology, Estonia.
    Franke, Ulrik
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Langfeldt Friberg, Even
    Tallinn University of Technology, Estonia.
    The cyber-insurance market in Norway2019Inngår i: Information and Computer Security, E-ISSN 2056-4961, Vol. 28, nr 1, s. 54-67Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Purpose

    This paper aims to describe the cyber-insurance market in Norway but offers conclusions that are interesting to a wider audience.

    Design/methodology/approach

    The study is based on semi-structured interviews with supply-side actors: six general insurance companies, one marine insurance company and two insurance intermediaries.

    Findings

    The Norwegian cyber-insurance market supply-side has grown significantly in the past two years. The General Data Protection Regulation (GDPR) is found to have had a modest effect on the market so far but has been used by the supply-side as an icebreaker to discuss cyber-insurance with customers. The NIS Directive has had little or no impact on the Norwegian cyber-insurance market until now. Informants also indicate that Norway is still the least mature of the four Nordic markets.

    Practical implications

    Some policy lessons for different stakeholders are identified.

    Originality/value

    Empirical investigation of cyber-insurance is still rare, and the paper offers original insights on market composition and actor motivations, ambiguity of coverage, the NIS Directive and GDPR.

    Fulltekst (pdf)
    fulltext
  • 5.
    Barreto, Carlos
    et al.
    KTH Royal Institute of Technology, Sweden.
    Reinert, Olof
    Umeå University, Sweden; Länsförsäkringar, Sweden.
    Wiesinger, Tobias
    Umeå University, Sweden; Länsförsäkringar, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Duopoly insurers’ incentives for data quality under a mandatory cyber data sharing regime2023Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 131, artikkel-id 103292Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    We study the impact of data sharing policies on cyber insurance markets. These policies have been proposed to address the scarcity of data about cyber threats, which is essential to manage cyber risks. We propose a Cournot duopoly competition model in which two insurers choose the number of policies they offer (i.e., their production level) and also the resources they invest to ensure the quality of data regarding the cost of claims (i.e., the data quality of their production cost). We find that enacting mandatory data sharing sometimes creates situations in which at most one of the two insurers invests in data quality, whereas both insurers would invest when information sharing is not mandatory. This raises concerns about the merits of making data sharing mandatory. 

  • 6.
    Besker, Terese
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Axelsson, Jakob
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. Mälardalen University, Sweden.
    Navigating the Cyber-Security Risks and Economics of System-of-Systems2023Inngår i: 2023 18th Annual System of Systems Engineering Conference, SoSe 2023, Institute of Electrical and Electronics Engineers Inc. , 2023Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Cybersecurity is an important concern in systems-of-systems (SoS), where the effects of cyber incidents, whether deliberate attacks or unintentional mistakes, can propagate from an individual constituent system (CS) throughout the entire SoS. Unfortunately, the security of an SoS cannot be guaranteed by separately addressing the security of each CS. Security must also be addressed at the SoS level. This paper reviews some of the most prominent cybersecurity risks within the SoS research field and combines this with the cyber and information security economics perspective. This sets the scene for a structured assessment of how various cyber risks can be addressed in different SoS architectures. More precisely, the paper discusses the effectiveness and appropriateness of five cybersecurity policy options in each of the four assessed SoS archetypes and concludes that cybersecurity risks should be addressed using both traditional design-focused and more novel policy-oriented tools. 

  • 7.
    Birgersson, Marcus
    et al.
    Chalmers University of Technology, Sweden; ICore Solutions, Sweden.
    Hansson, Gustav
    Chalmers University of Technology, Sweden; ICore Solutions, Sweden.
    Franke, Ulrik
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    Data Integration Using Machine Learning2016Inngår i: 2016 IEEE 20th International Enterprise Distributed Object Computing Workshop (EDOCW), 2016, s. 313-322, artikkel-id 7584357Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Today, enterprise integration and cross-enterprise collaboration is becoming evermore important. The Internet of things, digitization and globalization are pushing continuous growth in the integration market. However, setting up integration systems today is still largely a manual endeavor. Most probably, future integration will need to leverage more automation in order to keep up with demand. This paper presents a first version of a system that uses tools from artificial intelligence and machine learning to ease the integration of information systems, aiming to automate parts of it. Three models are presented and evaluated for precision and recall using data from real, past, integration projects. The results show that it is possible to obtain F0.5 scores in the order of 80% for models trained on a particular kind of data, and in the order of 60%-70% for less specific models trained on a several kinds of data. Such models would be valuable enablers for integration brokers to keep up with demand, and obtain a competitive advantage. Future work includes fusing the results from the different models, and enabling continuous learning from an operational production system.

  • 8.
    Borg, Markus
    et al.
    RISE - Research Institutes of Sweden, ICT, SICS.
    Olsson, Thomas
    RISE - Research Institutes of Sweden, ICT, SICS.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Assar, Saïd
    IMT Business School, France.
    Digitalization of Swedish Government Agencies: A Perspective Through the Lens of a Software Development Census2018Inngår i: Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Society, 2018, s. 37-46Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Software engineering is at the core of the digitalization of society. Ill-informed decisions can have major consequences, as made evident in the 2017 government crisis in Sweden, originating in a data breach caused by an outsourcing deal made by the Swedish Transport Agency. Many Government Agencies (GovAgs) in Sweden are rapidly undergoing a digital transition, thus it is important to overview how widespread, and mature, software development is in this part of the public sector. We present a software development census of Swedish GovAgs, complemented by document analysis and a survey. We show that 39.2% of the GovAgs develop software internally, some matching the number of developers in large companies. Our findings suggest that the development largely resembles private sector counterparts, and that established best practices are implemented. Still, we identify improvement potential in the areas of strategic sourcing, openness, collaboration across GovAgs, and quality requirements. The Swedish Government has announced the establishment of a new digitalization agency next year, and our hope is that the software engineering community will contribute its expertise with a clear voice.

    Fulltekst (pdf)
    fulltext
  • 9.
    Borg, Markus
    et al.
    RISE - Research Institutes of Sweden, ICT, SICS.
    Olsson, Thomas
    RISE - Research Institutes of Sweden, ICT, SICS.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Assar, Saïd
    IMT Business School, Sweden.
    Digitalization of Swedish Government Agencies: Detailed Census Description and Analysis2018Rapport (Annet vitenskapelig)
    Abstract [en]

    Software engineering is at the core of the digitalization of society. Ill-informed decisions can have major consequences, as made evident in the 2017 government crisis in Sweden, originating in a data breach caused by an outsourcing deal made by the Swedish Transport Agency. Many Government Agencies (GovAgs) in Sweden are rapidly undergoing a digital transition, thus it is important to overview how widespread, and mature, software development is in this part of the public sector. We present a software development census of Swedish GovAgs, complemented by document analysis and a survey. We show that 39.2% of the GovAgs develop software internally, some matching the number of developers in large companies. Our findings suggest that the development largely resembles private sector counterparts, and that established best practices are implemented. Still, we identify improvement potential in the areas of strategic sourcing, openness, collaboration across GovAgs, and quality requirements. The Swedish Government has announced the establishment of a new digitalization agency next year, and our hope is that the software engineering community will contribute its expertise with a clear voice.

    Fulltekst (pdf)
    fulltext
  • 10.
    Borg, Markus
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Wernberg, Joakim
    Swedish Entrepreneurship Forum, Sweden.
    Olsson, Thomas
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Andersson, Martin
    Blekinge Institute of Technology, Sweden.
    Illuminating a Blind Spot in Digitalization - Software Development in Sweden’s Private and Public Sector2020Inngår i: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops, Association for Computing Machinery , 2020, s. 299-302Konferansepaper (Fagfellevurdert)
    Abstract [en]

    As Netscape co-founder Marc Andreessen famously remarked in 2011, software is eating the world – becoming a pervasive invisible critical infrastructure. Data on the distribution of software use and development in society is scarce, but we compile results from two novel surveys to provide a fuller picture of the role software plays in the public and private sectors in Sweden, respectively. Three out of ten Swedish firms, across industry sectors, develop software in-house. The corresponding figure for Sweden’s government agencies is four out of ten, i.e., the public sector should not be underestimated. The digitalization of society will continue, thus the demand for software developers will further increase. Many private firms report that the limited supply of software developers in Sweden is directly affecting their expansion plans. Based on our findings, we outline directions that need additional research to allow evidence-informed policy-making. We argue that such work should ideally be conducted by academic researchers and national statistics agencies in collaboration.

  • 11.
    Brynielsson, Joel
    et al.
    KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    Adnan Tariq, Muhammad
    KTH Royal Institute of Technology, Sweden.
    Varga, Stefan
    KTH Royal Institute of Technology, Sweden.
    Using cyber defense exercises to obtain additional data for attacker profiling2016Inngår i: 2016 IEEE Conference on Intelligence and Security Informatics (ISI), 2016, s. 37-42Konferansepaper (Fagfellevurdert)
    Abstract [en]

    In order to be able to successfully defend an IT system it is useful to have an accurate appreciation of the cyber threat that goes beyond stereotypes. To effectively counter potentially decisive and skilled attackers it is necessary to understand, or at least model, their behavior. Although the real motives for untraceable anonymous attackers will remain a mystery, a thorough understanding of their observable actions can still help to create well-founded attacker profiles that can be used to design effective countermeasures and in other ways enhance cyber defense efforts. In recent work empirically founded attacker profiles, so-called attacker personas, have been used to assess the overall threat situation for an organization. In this paper we elaborate on 1) the use of attacker personas as a technique for attacker profiling, 2) the design of tailor-made cyber defense exercises for the purpose of obtaining the necessary empirical data for the construction of such attacker personas, and 3) how attacker personas can be used for enhancing the situational awareness within the cyber domain. The paper concludes by discussing the possibilities and limitations of using cyber defense exercises for data gathering, and what can and cannot be studied in such exercises.

  • 12.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle. KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Nordic lights? National AI policies for doing well by doing good2020Inngår i: Journal of Cyber Policy, ISSN 2373-8871, Vol. 5, s. 332-349Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Getting ahead on the global stage of AI technologies requires vast resources or novel approaches. The Nordic countries have tried to find a novel path, claiming that responsible and ethical AI is not only morally right but confers a competitive advantage. In this article, eight official AI policy documents from Denmark, Finland, Norway and Sweden are analysed according to the AI4People taxonomy, which proposes five ethical principles for AI: beneficence, non-maleficence, autonomy, justice and explicability. The principles are described in terms such as growth, innovation, efficiency gains, cybersecurity, malicious use or misuse of AI systems, data use, effects on labour markets, and regulatory environments. The authors also analyse how the strategies describe the link between ethical principles and a competitive advantage, and what measures are proposed to facilitate that link. Links such as a first-mover advantage and measures such as influencing international standards and regulations are identified. The article concludes by showing that while ethical principles are present, neither the ethical principles nor the links and measures are made explicit in the policy documents.

  • 13.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle. KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Nordic lights? National AI policies for doing well by doing good2020Inngår i: Journal of Cyber Policy, ISSN 2373-8871, Vol. 5, nr 3, s. 332-349Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Getting ahead on the global stage of AI technologies requires vast resources or novel approaches. The Nordic countries have tried to find a novel path, claiming that responsible and ethical AI is not only morally right but confers a competitive advantage. In this article, eight official AI policy documents from Denmark, Finland, Norway and Sweden are analysed according to the AI4People taxonomy, which proposes five ethical principles for AI: beneficence, non-maleficence, autonomy, justice and explicability. The principles are described in terms such as growth, innovation, efficiency gains, cybersecurity, malicious use or misuse of AI systems, data use, effects on labour markets, and regulatory environments. The authors also analyse how the strategies describe the link between ethical principles and a competitive advantage, and what measures are proposed to facilitate that link. Links such as a first-mover advantage and measures such as influencing international standards and regulations are identified. The article concludes by showing that while ethical principles are present, neither the ethical principles nor the links and measures are made explicit in the policy documents.

    Fulltekst (pdf)
    fulltext
  • 14.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle. KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Nöu, Anneli Avatare
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle.
    Rad, Alexander
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Towards increased transparency with value sensitive design2020Inngår i: Lect. Notes Comput. Sci. volume 12217, Springer , 2020, Vol. 12217, s. 3-15Konferansepaper (Fagfellevurdert)
    Abstract [en]

    In the past few years, the ethics and transparency of AI and other digital systems have received much attention. There is a vivid discussion on explainable AI, both among practitioners and in academia, with contributions from diverse fields such as computer science, human-computer interaction, law, and philosophy. Using the Value Sensitive Design (VSD) method as a point of departure, this paper explores how VSD can be used in the context of transparency. More precisely, it is investigated (i) if the VSD Envisioning Cards facilitate transparency as a pro-ethical condition, (ii) if they can be improved to realize ethical principles through transparency, and (iii) if they can be adapted to facilitate reflection on ethical principles in large groups. The research questions are addressed through a two-fold case study, combining one case where a larger audience participated in a reduced version of VSD with another case where a smaller audience participated in a more traditional VSD workshop. It is concluded that while the Envisioning Cards are effective in promoting ethical reflection in general, the realization of ethical values through transparency is not always similarly promoted. Therefore, it is proposed that a transparency card be added to the Envisioning Card deck. It is also concluded that a lightweight version of VSD seems useful in engaging larger audiences. The paper is concluded with some suggestions for future work. © Springer Nature Switzerland AG 2020.

  • 15.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Rad, Alexander
    RISE Research Institutes of Sweden.
    Transparency and insurance professionals: a study of Swedish insurance practice attitudes and future development.2021Inngår i: Geneva papers on risk and insurance. Issues and practice, ISSN 1018-5895, E-ISSN 1468-0440, Vol. 46, s. 547-572Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    The insurance industry is being challenged by increased adoption of automated decision-making. AI advances could conceivably automate everything: marketing, customer service, underwriting and claims management alike. However, such automation challenges consumer trust, as there is considerable public and scholarly debate over the 'black box' character of many algorithms. Insurance being a business of trust, this suggests a dilemma. One suggested solution involves adopting algorithms in a transparent manner. This article reports a study of how Swedish insurers deal with this dilemma, based on (i) eight interviews with insurance professionals representing four companies with a joint market share of 45-50% of the Swedish property insurance market and (ii) a questionnaire answered by 71 professionals in a Swedish insurance company. The results show that while transparency is seen as potentially valuable, most Swedish insurers do not use it to gain a competitive advantage or identify clear limits to transparency and are not using AI extensively.

  • 16.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Rad, Alexander
    RISE Research Institutes of Sweden.
    Transparency and insurance professionals: a study of Swedish insurance practice attitudes and future development2021Inngår i: Geneva papers on risk and insurance. Issues and practice, ISSN 1018-5895, E-ISSN 1468-0440, Vol. 46, nr 4, s. 547-572Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    The insurance industry is being challenged by increased adoption of automated decision-making. AI advances could conceivably automate everything: marketing, customer service, underwriting and claims management alike. However, such automation challenges consumer trust, as there is considerable public and scholarly debate over the ‘black box’ character of many algorithms. Insurance being a business of trust, this suggests a dilemma. One suggested solution involves adopting algorithms in a transparent manner. This article reports a study of how Swedish insurers deal with this dilemma, based on (i) eight interviews with insurance professionals representing four companies with a joint market share of 45–50% of the Swedish property insurance market and (ii) a questionnaire answered by 71 professionals in a Swedish insurance company. The results show that while transparency is seen as potentially valuable, most Swedish insurers do not use it to gain a competitive advantage or identify clear limits to transparency and are not using AI extensively.

  • 17.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle. KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Söderlund, Kasia
    Lund University, Sweden.
    van Berkel, Niels
    Aalborg University, Denmark.
    Jensen, Rikke Hagensby
    Aalborg University, Denmark.
    Lepinkäinen, Nea
    University of Turku, Finland.
    Vaiste, Juho
    University of Turku, Finland.
    Explaining automated decision-making: a multinational study of the GDPR right to meaningful information2022Inngår i: Geneva papers on risk and insurance. Issues and practice, ISSN 1018-5895, E-ISSN 1468-0440, Vol. 47, nr 3, s. 669-697Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    The General Data Protection Regulation (GDPR) establishes a right for individuals to get access to information about automated decision-making based on their personal data. However, the application of this right comes with caveats. This paper investigates how European insurance companies have navigated these obstacles. By recruiting volunteering insurance customers, requests for information about how insurance premiums are set were sent to 26 insurance companies in Denmark, Finland, The Netherlands, Poland and Sweden. Findings illustrate the practice of responding to GDPR information requests and the paper identifies possible explanations for shortcomings and omissions in the responses. The paper also adds to existing research by showing how the wordings in the different language versions of the GDPR could lead to different interpretations. Finally, the paper discusses what can reasonably be expected from explanations in consumer oriented information.

    Fulltekst (pdf)
    fulltext
  • 18.
    Dexe, Jacob
    et al.
    RISE Research Institutes of Sweden, Digitala system, Prototypande samhälle. KTH Royal Institute of Technology, Sweden.
    Ledendal, Jonas
    Lund University, Sweden.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    An Empirical Investigation of the Right to Explanation Under GDPR in Insurance2020Inngår i: 17th International Conference on Trust, Privacy and Security in Digital Business, TrustBus 2020 (Part of the Lecture Notes in Computer Science book series (LNCS, volume 12395)), Springer Science and Business Media Deutschland GmbH , 2020, s. 125-139Konferansepaper (Fagfellevurdert)
    Abstract [en]

    The GDPR aims at strengthening the rights of data subjects and to build trust in the digital single market. This is manifested by the introduction of a new principle of transparency. It is, however, not obvious what this means in practice: What kind of answers can be expected to GDPR requests citing the right to “meaningful information”? This is the question addressed in this article. Seven insurance companies, representing 90–95% of the Swedish home insurance market, were asked by consumers to disclose information about how premiums are set. Results are presented first giving descriptive statistics, then characterizing the pricing information given, and lastly describing the procedural information offered by insurers as part of their answers. Overall, several different approaches to answering the request can be discerned, including different uses of examples, lists, descriptions of logic, legal basis as well as data related to the process of answering the requests. Results are analyzed in light of GDPR requirements. A number of potential improvements are identified—at least three responses are likely to fail the undue delay requirement. The article is concluded with a discussion about future work.

  • 19.
    Fazlollahi, Ariyan
    et al.
    KTH Royal Institute of Technology, Sweden.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS. KTH Royal Institute of Technology, Sweden.
    Measuring the impact of enterprise integration on firm performance using data envelopment analysis2018Inngår i: International Journal of Production Economics, ISSN 0925-5273, E-ISSN 1873-7579, Vol. 200, s. 119-129Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Today, with rapidly developing technology and changing business models, organizations face rapid changes in both internal and external environments. To be able to rapidly respond to such changing environments, integration of software systems has become a top priority for many organizations. However, despite extensive use of software systems integration, quantitative methods for estimating the business value of such integrations are still missing. Using Data Envelopment Analysis (DEA) and the microeconomic concept of marginal rates, this study proposes a method for quantifying the effects of enterprise integration on the firm performance. In the paper, we explain how DEA can be used to evaluate the marginal benefits of enterprise integration. Our proposed method is to measure and compare the productive efficiency of firms using enterprise integration, specifically by relating the benefits produced to the resources consumed in the process. The method is illustrated on data collected from 12 organizations. The defined method has a solid theoretical foundation, eliminating the need for a priori information about the relationship between different measures. Furthermore, the framework could be used not only to quantify the business value of enterprise integration, but also to estimate trade-offs and impacts of other subjective managerial goals on the results. The major limitation of the proposed method is the absence of a comprehensive theory relating IT architecture changes to organizational outcomes. The underlying model is strongly dependent on the relevancy and accuracy of the included variables, as well as number of data units, introducing uncertainties to the outcomes of the model.

  • 20.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Algorithmic Fairness, Risk, and the Dominant Protective Agency2023Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 36, artikkel-id 76Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    With increasing use of automated algorithmic decision-making, issues of algorithmic fairness have attracted much attention lately. In this growing literature, existing concepts from ethics and political philosophy are often applied to new contexts. The reverse—that novel insights from the algorithmic fairness literature are fed back into ethics and political philosophy—is far less established. However, this short commentary on Baumann and Loi (Philosophy & Technology, 36(3), 45 2023) aims to do precisely this. Baumann and Loi argue that among algorithmic group fairness measures proposed, one—sufficiency (well-calibration) is morally defensible for insurers to use, whereas independence (statistical parity or demographic parity) and separation (equalized odds) are not normatively appropriate in the insurance context. Such a result may seem to be of relatively narrow interest to insurers and insurance scholars only. We argue, however, that arguments such as that offered by Baumann and Loi have an important but so far overlooked connection to the derivation of the minimal state offered by Nozick (1974) and thus to political philosophy at large.

  • 21.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Algorithmic Political Bias—an Entrenchment Concern2022Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 35, nr 3, artikkel-id 75Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    This short commentary on Peters (Philosophy & Technology 35, 2022) identifies the entrenchment of political positions as one additional concern related to algorithmic political bias, beyond those identified by Peters. First, it is observed that the political positions detected and predicted by algorithms are typically contingent and largely explained by “political tribalism”, as argued by Brennan (2016). Second, following Hacking (1999), the social construction of political identities is analyzed and it is concluded that algorithmic political bias can contribute to such identities. Third, following Nozick (1989), it is argued that purist political positions may stand in the way of the pursuit of all worthy values and goals to be pursued in the political realm and that to the extent that algorithmic political bias entrenches political positions, it also hinders this healthy “zigzag of politics”. © 2022, The Author(s).

  • 22.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Algorithmic Transparency, Manipulation, and Two Concepts of Liberty2024Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 37, artikkel-id 22Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    As more decisions are made by automated algorithmic systems, the transparency of these systems has come under scrutiny. While such transparency is typically seen as beneficial, there is a also a critical, Foucauldian account of it. From this perspective, worries have recently been articulated that algorithmic transparency can be used for manipulation, as part of a disciplinary power structure. Klenk (Philosophy & Technology 36, 79, 2023) recently argued that such manipulation should not be understood as exploitation of vulnerable victims, but rather as indifference to whether the information provided enhances decision-making by revealing reasons. This short commentary on Klenk uses Berlin’s (1958) two concepts of liberty to further illuminate the concept of transparency as manipulation, finding alignment between positive liberty and the critical account.

    Fulltekst (pdf)
    fulltext
  • 23.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Cyber Insurance Against Electronic Payment Service Outages: A Document Study of Terms and Conditions from Electronic Payment Service Providers and Insurance Companies2018Inngår i: Security and Trust Management: 14th International Workshop, STM 2018, Barcelona, Spain, September 6–7, 2018, Proceedings / [ed] Sokratis K. Katsikas & Cristina Alcaraz, Cham, Switzerland: Springer Nature Switzerland AG , 2018, s. 73-84Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Society is becoming increasingly dependent on IT services. One example is the dependence of retailers on electronic payment services. This article investigates the terms and conditions offered by three electronic payment service providers, finding that they only guarantee best effort availability. As potential mitigation, five cyber insurance policies are studied from the perspective of coverage of electronic payment service outages. It is concluded that cyber insurance does indeed give some protection, but that coverage differs between insurers and between different policy options offered. Thus, a retailer who wishes to purchase cyber insurance should take care to understand what is on offer and actively select appropriate coverage.

    Fulltekst (pdf)
    fulltext
  • 24.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Cybersäkerhet för en uppkopplad ekonomi2020Bok (Annet vitenskapelig)
    Fulltekst (pdf)
    fulltext
  • 25.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Dags för cybersäkerhetsekonomi2022Inngår i: Ekonomisk Debatt, ISSN 0345-2646, Vol. 50, nr 2, s. 71-74Artikkel i tidsskrift (Annet vitenskapelig)
    Fulltekst (pdf)
    fulltext
  • 26.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Driftavbrott i samhällsviktiga it-tjänster2018Rapport (Annet (populærvitenskap, debatt, mm))
    Abstract [sv]

    Det moderna samhället är beroende av it-tjänster. Driftavbrott kan leda till allt från kortare elavbrott till brist på livsmedel eller läkemedel. Projektet DRISTIG har under drygt två år studerat driftavbrott i samhällsviktiga it-tjänster. Rapporten redovisar kort några forskningsresultat relaterade till kostnader för avbrott, försäkringar mot avbrott och så kallade Service Level Agreements(SLA).

    Fulltekst (pdf)
    fulltext
  • 27.
    Franke, Ulrik
    KTH Royal Institute of Technology, Sweden.
    En oavslutad dikt om ett oavslutat uppror2023Inngår i: Slovo: Journal of Slavic Languages, Literatures and Cultures , E-ISSN 2001-7359, Vol. 63, s. 64-73Artikkel i tidsskrift (Annet (populærvitenskap, debatt, mm))
    Abstract [en]

    The legendary Russian literary critic Belinsky famously described Pushkin’s novel in verse Eugene Onegin as an encyclopedia of Russian life. However, this encyclopedia seems seriously incomplete in that it largely leaves out elements of oppression, war, and insurrection. There are many valid explanations for this, but one, very blunt and prosaic, is that oppression and censorship actually worked – that it is absent in the fiction because it was present in reality. As a case in point, this article presents a novel translation into Swedish, with rhymes and meter preserved, of the fragments remaining of the unfinished tenth chapter of Eugene Onegin. This tenth chapter deals with the failed Decembrist uprising of 1825, and the misrule precipitating it, and it is not surprising that it could not be published at the time it was written. Though well known in the academic community, this fragment is rarely published in foreign translations, and as far as known, this is the first translation into a Scandinavian language. The article offers some commentary on the translation and concludes with a few remarks on the value of reading the classics even in times of turmoil.

    Fulltekst (pdf)
    fulltext
  • 28.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    First- and Second-Level Bias in Automated Decision-making2022Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 35, nr 2, artikkel-id 21Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Recent advances in artificial intelligence offer many beneficial prospects. However, concerns have been raised about the opacity of decisions made by these systems, some of which have turned out to be biased in various ways. This article makes a contribution to a growing body of literature on how to make systems for automated decision-making more transparent, explainable, and fair by drawing attention to and further elaborating a distinction first made by Nozick (1993) between first-level bias in the application of standards and second-level bias in the choice of standards, as well as a second distinction between discrimination and arbitrariness. Applying the typology developed, a number of illuminating observations are made. First, it is observed that some reported bias in automated decision-making is first-level arbitrariness, which can be alleviated by explainability techniques. However, such techniques have only a limited potential to alleviate first-level discrimination. Second, it is argued that second-level arbitrariness is probably quite common in automated decision-making. In contrast to first-level arbitrariness, however, second-level arbitrariness is not straightforward to detect automatically. Third, the prospects for alleviating arbitrariness are discussed. It is argued that detecting and alleviating second-level arbitrariness is a profound problem because there are many contrasting and sometimes conflicting standards from which to choose, and even when we make intentional efforts to choose standards for good reasons, some second-level arbitrariness remains. © 2022, The Author(s).

  • 29.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    How Much Should You Care About Algorithmic Transparency as Manipulation?2022Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 35, nr 4, artikkel-id 92Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Wang (Philosophy & Technology 35, 2022) introduces a Foucauldian power account of algorithmic transparency. This short commentary explores when this power account is appropriate. It is first observed that the power account is a constructionist one, and that such accounts often come with both factual and evaluative claims. In an instance of Hume’s law, the evaluative claims do not follow from the factual claims, leaving open the question of how much constructionist commitment (Hacking, 1999) one should have. The concept of acts in equilibrium (Nozick, 1981) is then used to explain how different individuals reading Wang can end up with different evaluative attitudes towards algorithmic transparency, despite factual agreement. The commentary concludes by situating constructionist commitment inside a larger question of how much to think of our actions, identifying conflicting arguments. © 2022, The Author(s).

  • 30.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    IT service outage cost: case study and implications for cyber insurance2020Inngår i: Geneva papers on risk and insurance. Issues and practice, ISSN 1018-5895, E-ISSN 1468-0440, Vol. 45, s. 760-784Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Today, almost all enterprises are highly dependent on IT services. Thus, high availability IT services and the cost of downtime have received a lot of attention in recent years. One increasingly used tool for cyber risk management and transfer is cyber insurance, which typically offers some form of business interruption coverage. However, cost structures of IT service outages are still poorly understood, as costs are often just reported as lump sums. This article contributes a multiple case study of IT service outage cost in three sectors in Sweden: transport companies (N= 11), food companies (N= 9) and government agencies (N= 19). The contribution is three-fold: (i) the measurement instrument itself, (ii) the insights into different cost structures gained, and (iii) the implications of different cost structures on availability investment strategies. Whereas some enterprises incur only a fixed outage cost, some incur (almost) only lost productivity or almost only lost revenue. In the public sector, lost revenue is often negligible. The results are further contextualised by a discussion of cyber insurance implications.

    Fulltekst (pdf)
    fulltext
  • 31.
    Franke, Ulrik
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Kunskap är militärmakt2019Inngår i: Kungl Krigsvetenskapsakademiens Handlingar och Tidskrift, ISSN 0023-5369, nr 3, s. 36-44Artikkel i tidsskrift (Annet vitenskapelig)
    Abstract [en]

    This essay explores notions of knowledge and intelligence in war, with a particular emphasis on knowledge about knowledge. It is argued that such second order knowledge deserves more attention in military training and education, especially in the context of maneuver warfare. More precisely, information operations within the maneuver warfare paradigm largely aim to present or withhold (second order) knowledge to the enemy in order to gain an advantage. This is elaborated using cultural and historical examples. Furthermore, the relevance of flaws and biases in human cognition and decision-making in war are discussed. In particular, it is argued that while tactical decision-making can be much improved upon through training and exercises, it is more difficult to train experts in strategic decision-making. The article is concluded with some reflections and recommendations for how to improve military training and education.

    Fulltekst (pdf)
    fulltext
  • 32.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Lärdomar från 18632021Inngår i: Kungl Krigsvetenskapsakademiens Handlingar och Tidskrift, ISSN 0023-5369, nr 4, s. 72-86Artikkel i tidsskrift (Annet vitenskapelig)
    Abstract [en]

    This essay uses the quandary facing Swedish security policy decision-makers in 1863 as a starting point to discuss a few timeless topics of national strategy. Affected by pan-Scandinavian sentiments, in July 1863 Charles XV made a declaration of solidarity with Denmark, which faced a military threat from the German Confederation, promising Swedish troops to help defend the southern border of the Duchy of Schleswig. However, the King had not secured the support of his cabinet, which refused to back the King’s policy, so that despite intense diplomatic activity, no military assistance to Denmark was given when the Second Schleswig War eventually started. Using this historical experience as a case-study, observations and reflections are made about the security policy of small states, about the need to coordinate and de-conflict policy initiatives within the core executive, and about what is required for a declaration of solidarity to be credible.

    Fulltekst (pdf)
    fulltext
  • 33.
    Franke, Ulrik
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    Militär kompetens i de tänkande maskinernas tidsålder2016Inngår i: Kungl Krigsvetenskapsakademiens Handlingar och Tidskrift, ISSN 0023-5369, nr 3, s. 68-76Artikkel i tidsskrift (Annet vitenskapelig)
    Abstract [en]

    Recent advances in Artificial Intelligence have spawned a prolific debate about the future of employment and labour in a world where even intellectual work can be performed by algorithms and robots rather than humans. This article discusses the impact of this development on military professions, and on the very concept of military professionalism. Considering military capability to be built from physical, conceptual, and moral factors, it is observed that with increasing automation of the first and second factors, the human contribution will increasingly be in the third, moral, realm. It is also argued that such a human contribution can still tip the scales, even in a high-­tech conflict. Reasoning by analogies, it is claimed that ‘man or machine’ is a false dichotomy, that the challenge is, rather, to find the best combination of the two and that this holds true also in highly intellectual aspects of warfighting, such as intelligence analysis. The article is concluded with some reflections on the challenge of creating innovative military organizations that are tolerant to new divisions of labour between man and machine.

    Fulltekst (pdf)
    fulltext
  • 34.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Rawls’s Original Position and Algorithmic Fairness2021Inngår i: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 34, s. 1803-1817Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Modern society makes extensive use of automated algorithmic decisions, fueled by advances in artificial intelligence. However, since these systems are not perfect, questions about fairness are increasingly investigated in the literature. In particular, many authors take a Rawlsian approach to algorithmic fairness. This article aims to identify some complications with this approach: Under which circumstances can Rawls’s original position reasonably be applied to algorithmic fairness decisions? First, it is argued that there are important differences between Rawls’s original position and a parallel algorithmic fairness original position with respect to risk attitudes. Second, it is argued that the application of Rawls’s original position to algorithmic fairness faces a boundary problem in defining relevant stakeholders. Third, it is observed that the definition of the least advantaged, necessary for applying the difference principle, requires some attention in the context of algorithmic fairness. Finally, it is argued that appropriate deliberation in algorithmic fairness contexts often require more knowledge about probabilities than the Rawlsian original position allows. Provided that these complications are duly considered, the thought-experiment of the Rawlsian original position can be useful in algorithmic fairness decisions. © 2021, The Author(s).

  • 35.
    Franke, Ulrik
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    The cyber insurance market in Sweden2017Inngår i: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 68, s. 130-144Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    This article is a characterization of the cyber insurance market in Sweden. As empirical investigations of cyber insurance are rarely reported in the literature, the results are novel. The investigation is based on semi-structured interviews with 10 insurance companies active on the Swedish market, and additional interviews with 2 re-insurance companies and 3 insurance intermediaries. These informants represent essentially all companies selling cyber insurance on the Swedish market. Findings include descriptions of the coverages offered, including discrepancies between insurers, and the underwriting process used. Typical annual premiums are found to be in the span of some 5–10 kSEK per MSEK indemnity limit, i.e. 0.5–1% of the indemnity limit. For business interruption coverage, waiting periods are found to be relatively long compared to many outages. Furthermore, insurance companies impose information and IT security requirements on their customers, and do not insure customers that are too immature or have too poor security. Thus cyber insurance, in practice, is not merely an instrument of risk transfer, but also contains aspects of avoidance and mitigation. Based on the findings, market segmentation, pricing, business continuity, and asymmetry of information are discussed, and some future work is suggested.

  • 36.
    Franke, Ulrik
    RISE - Research Institutes of Sweden, ICT, SICS.
    Towards Increased Transparency in Digital Insurance2019Inngår i: ERCIM News, ISSN 0926-4981, E-ISSN 1564-0094, nr 116, s. 23-24Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Automated decision-making has the potential to increase both productivity and competitiveness as well as compensate for well-known human biases and cognitive flaws [1]. But today’s powerful machine-learning based technical solutions also bring about problems of their own – not least in terms of being uncomfortably black-box like. A new research project at RISE Research Institutes of Sweden, in collaboration with KTH Royal Institute of Technology, has recently been set up to study transparency in the insurance industry, a sector that is poised to undergo technological disruption.

  • 37.
    Franke, Ulrik
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory.
    Towards Preference Elicitation for Trade-Offs between Non-Functional Properties2016Inngår i: 2016 IEEE 20th International Enterprise Distributed Object Computing Conference (EDOC), 2016Konferansepaper (Fagfellevurdert)
    Abstract [en]

    In the design and evolution of software intensive systems, it is desirable to make informed decisions as early as possible in the life cycle. To do this, it is both necessary to be able to predict properties of these future systems and to know how one would like to prioritize among those properties. This paper addresses the latter problem of how to make trade-offs between non-functional properties of software intensive systems. An approach based on the elicitation of utility functions from stake-holders and subsequent checks for consistency among these functions is proposed. A sample GUI is presented, along with some examples. Limitations are discussed and several avenues for future work, including empirical validation, are proposed.

  • 38.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system.
    Transparenta algoritmer i försäkringsbranschen2021Rapport (Annet vitenskapelig)
    Abstract [en]

    This is the final report of the project Transparent algorithms in insurance, which has been conducted at RISE and KTH Royal Institute of Technology, funded by Länsförsäkringars forskningsfond, from 2018 to 2021. The report starts by discussing some of the difficulties that arise with automated decision-making and black box-like algorithms, as well as the prospects for alleviating these through appropriate transparency. Next, some research results are presented. From an analysis of national AI strategies from the Nordic countries, it is concluded that ethics play an important part in them: ethical AI is said to be a competitive advantage. However, the documents do not offer any convincing arguments for this position, and do not offer any clear ethical guidance. Based on two case studies, the prospects for using the Value Sensitive Design method to conduct design work while taking transparency and other values into account are discussed. The method is deemed promising for use in actual design work, e.g., within insurance. An empirical investigation of how the right to explanation under GDPR works in practice in Swedish insurance finds large discrepancies between companies. The times required to respond were long and the contents of the answers showed considerable variability. A follow-up study in several EU countries is planned and will in due time give a better picture of what the GDPR right to meaningful information actually means in practice. Based on interviews with some 30 senior managers and board members within banking and insurance, possibilities and challenges of implementing transparent and explainable AI in large organizations are discussed. Difficulties include coming to grips with different points of view and creating common frames of reference. The perspective of the Swedish insurance industry on AI and transparency was also investigated through interviews. There is a widespread belief that transparency could be a competitive advantage, but most informants are uncertain about how this advantage can actually be realized. It is also apparent that AI is not yet used in the insurance core business in Sweden, meaning that the questions of transparent and explainable AI are still somewhat theoretical to the industry. Still, they are expected to become important in due time. The report is concluded with some observations that are practically relevant to insurance, and a few directions for future research.

    Fulltekst (pdf)
    Rapport
    Fulltekst (pdf)
    Bilaga
  • 39.
    Franke, Ulrik
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Two Metaverse Dystopias2024Inngår i: Res Publica, ISSN 1356-4765, E-ISSN 1572-8692Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    In recent years, the metaverse—some form of immersive digital extension of the physical world—has received much attention. As tech companies present their bold visions, scientists and scholars have also turned to metaverse issues, from technological challenges via societal implications to profound philosophical questions. This article contributes to this growing literature by identifying the possibilities of two dystopian metaverse scenarios, namely one based on the experience machine and one based on demoktesis—two concepts from Nozick (Anarchy, State, and Utopia, Basic Books, 1974). These dystopian scenarios are introduced, and the potential for a metaverse to evolve into either of them is explained. The article is concluded with an argument for why the two dystopian scenarios are not strongly wedded to any particular theory of ethics or political philosophy, but constitute a more general contribution.

    Fulltekst (pdf)
    fulltext
  • 40.
    Franke, Ulrik
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Andreasson, A.
    KTH Royal Institute of Technology, Sweden.
    Artman, H.
    KTH Royal Institute of Technology, Sweden; FOI Swedish Defence Research Agency, Sweden.
    Brynielsson, J.
    KTH Royal Institute of Technology, Sweden; FOI Swedish Defence Research Agency, Sweden.
    Varga, S.
    KTH Royal Institute of Technology, Sweden; Swedish Armed Forces, Sweden.
    Vilhelm, N.
    KTH Royal Institute of Technology, Sweden; Norwegian National Security Authority, Norway.
    Cyber situational awareness issues and challenges2022Inngår i: Cybersecurity and Cognitive Science, Elsevier , 2022, s. 235-265Kapittel i bok, del av antologi (Annet vitenskapelig)
    Abstract [en]

    Today, most enterprises are increasingly reliant on information technology to carry out their operations. This also entails an increasing need for cyber situational awareness—roughly, to know what is going on in the cyber domain, and thus be able to adequately respond to events such as attacks or accidents. This chapter argues that cyber situational awareness is best understood by combining three complementary points of view: the technological, the socio-cognitive, and the organizational perspectives. In addition, the chapter investigates the prospects for reasoning about adversarial actions. This part also reports on a small empirical investigation where participants in the Locked Shields cyber defense exercise were interviewed about their information needs with respect to threat actors. The chapter is concluded with a discussion regarding important challenges to be addressed along with suggestions for further research. 

  • 41.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden, ICT, SICS.
    Buschle, M.
    Zeb.consulting, Sweden.
    Jung, J.
    Frankfurt University of Applied Sciences, Germany.
    Message from the TEAR 2018 Workshop Chairs2018Inngår i: Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOCW, 2018, s. XVI-XVIIKonferansepaper (Annet vitenskapelig)
    Abstract [en]

    This paper gives a brief overview of the 13th Workshop on Trends in Enterprise Architecture Research (TEAR) organized in conjunction with EDOC 2018. The paper introduces the Workshop research topics and presents the accepted papers.

  • 42.
    Franke, Ulrik
    et al.
    RISE., Swedish ICT, SICS, Software and Systems Engineering Laboratory. KTH Royal Institute of Technology, Sweden.
    Buschle, Markus
    KTH Royal Institute of Technology, Sweden; Zeb/Consulting, Sweden.
    Experimental Evidence on Decision-Making in Availability Service Level Agreements2016Inngår i: IEEE Transactions on Network and Service Management, ISSN 1932-4537, E-ISSN 1932-4537, Vol. 13, nr 1, s. 58-70, artikkel-id 7360206Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    As more enterprises buy information technology services, studying their underpinning contracts becomes more important. With cloud computing and outsourcing, these service level agreements (SLAs) are now often the only link between the business and the supporting IT services. This paper presents an experimental economics investigation of decision-making with regard to availability SLAs, among enterprise IT professionals. The method and the ecologically valid subjects make the study unique to date among IT service SLA studies. The experiment consisted of pairwise choices under uncertainty, and subjects (N=46) were incentivized by payments based on one of their choices, randomly selected. The research question investigated in this paper is: Do enterprise IT professionals maximize expected value when procuring availability SLAs, as would be optimal from the business point of view? The main result is that enterprise IT professionals fail to maximize expected value. Whereas some subjects do maximize expected value, others are risk-seeking, risk-averse, or exhibit nonmonotonic preferences. The nonmonotonic behavior in particular is an interesting observation, which has no obvious explanation in the literature. For a subset of the subjects (N=29), a few further hypotheses related to associations between general attitude to risk or professional experience on the one hand, and behavior in SLAs on the other hand, were investigated. No support for these associations was found. The results should be interpreted with caution, due to the limited number of subjects. However, given the prominence of SLAs in modern IT service management, the results are interesting and call for further research, as they indicate that current professional decision-making regarding SLAs can be improved. In particular, if general attitude to risk and professional experience do not impact decision-making with regard to SLAs, more extensive use of decision-support systems might be called for in order to facilitate proper risk management.

  • 43.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Ciccozzi, Federico
    Mälardalen University, Sweden.
    Characterization of trade-off preferences between non-functional properties2018Inngår i: Information Systems, ISSN 0306-4379, E-ISSN 1873-6076, Vol. 74, s. 86-102Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Efficient design and evolution of complex software intensive systems rely on the ability to make informed decisions as early as possible in the life cycle. Such informed decisions should take both the intended functional and non-functional properties into account. Especially regarding the latter, it is both necessary to be able to predict properties and to prioritize them according to well-defined criteria. In this paper we focus on the latter problem, that is to say how to make trade-offs between non-functional properties of software intensive systems. We provide an approach based on the elicitation of utility functions from stake-holders and subsequent checks for consistency among these functions. The approach is exploitable through an easy-to-use GUI, which is also presented. Moreover, we describe the setup and the outcome of our two-fold validation based on exploratory elicitations with students and practitioners

    Fulltekst (pdf)
    fulltext
  • 44.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS. FOI Swedish Defence Research Agency, Sweden.
    Cohen, Mika
    FOI Swedish Defence Research Agency, Sweden.
    Sigholm, Johan
    FHS Swedish Defence University, Sweden.
    What can we learn from enterprise architecture models? An experiment comparing models and documents for capability development2018Inngår i: Software and Systems Modeling, ISSN 1619-1366, E-ISSN 1619-1374, Vol. 17, nr 2, s. 695-711Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Enterprise architecture (EA) has been established as a discipline to cope with the complex interactions of business operations and technology. Models, i.e., formal descriptions in terms of diagrams and views, are at the heart of the approach. Though it is widely thought that such architecture models can contribute to improved understanding and decision making, this proposition has not rigorously been tested. This article describes an experiment conducted with a real EA model and corresponding real traditional documents, investigating whether the model or the documents lead to better and faster understanding. Understanding is interesting to study, as it is a prerequisite to other EA uses. The subjects (N=98">N=98N=98 ) were officer cadets, and the experiment was carried out using a comprehensive description of military Close Air Support capability either (1) in the form of a MODAF model or (2) in the form of traditional documents. Based on the results, the model seems to lead to better, though not faster, understanding.

  • 45.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Draeger, Joachim
    IABG mbH, Germany.
    Two simple models of business interruption accumulation risk in cyber insurance2019Konferansepaper (Fagfellevurdert)
    Abstract [en]

    As modern society becomes ever more dependenton IT services, risk management of cyber incidents becomes more important. Cyber insurance is one tool, among others, for such risk management that has received much attentionin the past few years. One obstacle to well-functioning cyberinsurance, however, is the fact that cyber accumulation risk remains poorly understood, despite efforts from practitioners and scientists.

    In this article, we address the accumulation risk of business interruption incidents, an area that has received less attention than the accumulation risk of data breach incidents. Two simple models are introduced: First, a model that takes the insurer’s perspective and explores the impact on aggregated claims cost from incidents that unintentionally propagate between firms. Second, a model that takes the insured’s perspective, considering the impacts of limited incident management capacity and showing that there is sometimes an economic case for collectively funding additional incident managers. The paper is concluded with some reflections on the models and an outlook.

    Fulltekst (pdf)
    fulltext
  • 46.
    Franke, Ulrik
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system.
    Friberg, Even
    Tallinn University of Technology, Estonia.
    Bahşi, Hayretdin
    Tallinn University of Technology, Estonia.
    Maritime cyber-insurance: The Norwegian case2022Inngår i: International Journal of Critical Infrastructures, ISSN 1475-3219, E-ISSN 1741-8038, Vol. 18, nr 3, s. 267-286Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    Major cyber incidents such as the Maersk case have demonstrated that the lack of cyber security can induce huge operational losses in the maritime sector. Cyber-insurance is an instrument of risk transfer, enabling organisations to insure themselves against financial losses caused by cyber incidents and get access to incident management services. This paper provides an empirical study of the use of cyber-insurance in the Norwegian maritime sector, with a particular emphasis on the effects of the General Data Protection Regulation and the Directive on Security of Network and Information Systems. Norway constitutes a significant case as a country having a highly mature IT infrastructure and well-developed maritime industry. Interviews were conducted with supplier- and demand-side maritime actors. Findings point to a widespread lack of knowledge about cyber-insurance. Furthermore, neither GDPR nor NIS were found to be significant drivers of cyber-insurance uptake among maritime organisations. 

  • 47.
    Franke, Ulrik
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Hoxell, Amanda
    Uppsala University, Sweden; Länsförsäkringar, Sweden.
    Observable cyber risk on cournot oligopoly data storage markets2020Inngår i: Risks, E-ISSN 2227-9091, Vol. 8, nr 4, artikkel-id 119Artikkel i tidsskrift (Fagfellevurdert)
    Abstract [en]

    With the emergence of global digital service providers, concerns about digital oligopolies have increased, with a wide range of potentially harmful effects being discussed. One of these relates to cyber security, where it has been argued that market concentration can increase cyber risk. Such a state of affairs could have dire consequences for insurers and reinsurers, who underwrite cyber risk and are already very concerned about accumulation risk. Against this background, the paper develops some theory about how convex cyber risk affects Cournot oligopoly markets of data storage. It is demonstrated that with constant or increasing marginal production cost, the addition of increasing marginal cyber risk cost decreases the differences between the optimal numbers of records stored by the oligopolists, in effect offsetting the advantage of lower marginal production cost. Furthermore, based on the empirical literature on data breach cost, two possibilities are found: (i) that such cyber risk exhibits decreasing marginal cost in the number of records stored and (ii) the opposite possibility that such cyber risk instead exhibits increasing marginal cost in the number of records stored. The article is concluded with a discussion of the findings and some directions for future research. © 2020 by the authors. 

  • 48.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Kaati, Lisa
    FOI Swedish Defence Research Agency, Sweden.
    Rantzer, Martin
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    IT-beroende och sårbarhet i det moderna samhället2017Inngår i: Sverige – värt att skydda: Ett sårbart samhälle kräver ett modernt civilt försvar / [ed] Thomas Hörberg, Stockholm: Kungl Krigsvetenskapsakademien , 2017, s. 109-124Kapittel i bok, del av antologi (Annet (populærvitenskap, debatt, mm))
    Abstract [en]

    Chapter 5 analyses the increasing digitalization of Sweden's Society's critical infrastructure and its connection to the internet. The increased efficiency brings with it enlarged risks and vulnerability to cyber-attacks and information operations. Vulnerabilities include both civil society and military capabilities, which are directly affected by the threat of cyber warfare and indirectly threatened through a possible collapse of civilian functions on which the armed forces depend. Sweden stands on the threshold of a new digitized society, and requires a digital immune system that reduces the vulnerability of society, through increased risk awareness among government agencies, industry, and politicians and better preparedness to counter threats by planning, exercises and possibly an early warning system.

    Fulltekst (pdf)
    fulltext
  • 49.
    Franke, Ulrik
    et al.
    RISE - Research Institutes of Sweden (2017-2019), ICT, SICS.
    Meland, Per Håkon
    SINTEF Digital, Norway.
    Demand side expectations of cyber insurance2019Konferansepaper (Fagfellevurdert)
    Abstract [en]

    Cyber insurance has attracted much attention fromboth practitioners, policymakers and academics in the past fewyears. However, it also faces some challenges before it can reachits full potential as a tool for better cyber risk management. Onesuch challenge is the gap between what customers expect andwhat insurers really offer.

    This paper investigates this gap empirically, based on interviewswith informant companies in Norway and Sweden consideringcyber insurance. The expectations expressed in the interviewsare compared to anonymized incident claims reports and claimsstatistics for 2018 from a global insurance intermediary.

    The results show no obvious pattern of discrepancies betweendifferent domains. However, informant expectations on businessinterruption coverage are much greater than one would expectfrom its share of claims. In this respect, informant expectationson business interruption coverage are more aligned with somerecently published scenarios on possible major business interruptions.

    Fulltekst (pdf)
    fulltext
  • 50.
    Franke, Ulrik
    et al.
    RISE Research Institutes of Sweden, Digitala system, Mobilitet och system. KTH Royal Institute of Technology, Sweden.
    Wernberg, Joakim
    Swedish Entrepreneurship Forum Stockholm, Sweden.
    A survey of cyber security in the Swedish manufacturing industry2020Inngår i: 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2020, Institute of Electrical and Electronics Engineers Inc. , 2020Konferansepaper (Fagfellevurdert)
    Abstract [en]

    In this paper we explore cyber security practices in Swedish manufacturing firms. Manufacturing is being transformed by new technologies under the label of smart industry or industry 4.0. Most of these technologies are either digital themselves or depend on digital connectivity. Their use is made possible by electronic sensors, actuators, and other devices as well as by data-driven analysis. This technological change entails a fundamental shift in risk and security as devices become interconnected, making information and control transmissible both within and to varying degree outside the firm's organization. These issues must be addressed to prevent both unintentional and intentional security incidents. Thus, there will be no smart industry without cyber security. Based on a sector-wide survey with 649 respondents (17% response rate) carried out in collaboration with the Association of Swedish Engineering Industries, we map risk perception and the controls put in place to address these risks across firms. We present three primary findings: (i) Compared to how firms value further investments in digitalization, risk perception related to cyber security issues is fairly low and business interruption is a greater cause for worry than data breach, (ii) there is a gap between the anticipated impact of digitalization and the perceived need for cyber security measures across business functions within firms, and (iii) the implementation of cyber security measures is still in its infancy with a significant bias towards technological measures, leaving organizational and social cyber security measures underrepresented. The paper is concluded with the identification of a few interesting follow-up questions for future work.

    Fulltekst (pdf)
    fulltext
12 1 - 50 of 69
RefereraExporteraLink til resultatlisten
Permanent link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
v. 2.43.0