Responsable LIMOS : LAFOURCADE Pascal
Coordinator : Ylès Falcone
Begin of project : May 1, 2021 - Fin du projet : May 1, 2025


This project proposal is about electronic assessment and testing (e-TAS) systems (also known under several other names, such as electronic exams, digital assessment, online-assessment, or computer-based assessment systems). e-TAS are general protocols and applications originally proposed in educational testing, and they are employed to assess the skills, knowledge, and the performances of single individuals or organizations. OASYS, for example, is a platform yearly employed in Luxembourg to test the quality of education in the country which offers tests to thousands of students and which runs both on desktops and mobile devices.

The revolution brought up by ICT is amplifying the educational potential of e-TAS in terms of accessibility and scalability. However, the use of ICT is also extending the attack surface and e-TAS will face new threats, domain-specific. Despite that, the sector still suffers for an insufficient understanding of its security issues---let alone clear definitions of properties, methods and tools of analysis, and verified solutions. Till today, there is a lack of initiative and of coordinated research to address these issues. Low security continues to set the standard.

This project proposal is how to make e-TAS secure. Security, here, is interpreted broadly, including also aspects of usability security.

A secure e-TAS subsumes a long list of domain-specific security properties (e.g., anonymous marking, questions secrecy, fair grading, dispute resolution, marking accountability, etc) and different adversary models (e.g., cheating test-takers, greedy authorities, corrupted graders, untrusted servers, etc.). A systematic study and formalization of e-TAS, their security
requirements, and threats models, as well as a revision of appropriate tools of analysis and novel design and implementation of protocols for the application sector of e-TAS are goals within this project proposal's aim. With a more systematic, substantial, and coordinated effort SEVERITAS aims to drive the security research community to have an impact on the practice and business of electronic assessment worldwide.


partner organism :

Financeur : ANR