/* vim: set formatoptions+=l textwidth=0 nowrap: */ /* $Id: ethics,v 19.1 2019/08/26 09:51:36 karst Exp $ */ ~~META:title=Ethics Procedures~~ ====== Ethics Procedures for the Master SNE ====== Ethics play an important role in Security and Network Engineering. Professionals and students often come into contact with sensitive information containing private personal information or related to vulnerabilities. During the course of the year we teach this to the students in different contexts. To cope with these issues in student projects we have defined {{:info:ecos3-procedure.pdf|Ethical Procedures}} for projects performed by students throughout the year. This means that the students must include an 'ethics considerations' paragraph in their projects proposal. The projects are then ranked and get increasing supervision on the ethics part depending on the ranking. Should students find vulnerabilities or other problems with products of outside companies, we will coordinate with these companies and perform a responsible disclosure procedure where we will adhere to the [[https://english.ncsc.nl/publications/publications/2019/juni/01/coordinated-vulnerability-disclosure-the-guideline|guidelines]] as set by the Dutch [[https://www.ncsc.nl/|National Cyber Security Center]]. ===== Ethics Committee ===== The ethics considerations are primarily reviewed by the teacher of the course, after which these are reviewed by the Ethics Committee of the Master SNE ("ECOS3"). This Ethics Committee is comprised of three members: * Networking Lecturer: Paola Grosso (chair) * Ethics Advisor: Jan Joris Vereijken * Ethics Advisor: Vincent Breider The Ethics Committee can be reached by email via //ecos3 at os3 dot nl//. The Ethics Committee will decide on proposals as soon as possible. Should there be any disagreement, it is possible to apply the case with the Ethics Committee of the Informatics Institute (IvI). Our experiences with this ethics procedure are published in the article [[https://www.usenix.org/jesa/0101/van-der-ham|"Embedding Ethics in System Administration Education"]], Jeroen van der Ham, National Cyber Security Centre-NL, University of Amsterdam, USENIX Journal of Education in System Administration, Volume 1, Number 1 • September 2015.