To achieve rigorous evidence-based results for WP4 Usable Security, we found it crucial to not only undertake studies on the core research questions such as trust of users in CASCAde primitives themselves, but to secure the foundations of our work. In general, that meant adopting evidence-based research methods and practices for quality assurance, evaluating the instruments we intend to use, and to evaluate the reliability of existing results in the field as possible foundations for our work.

We organize our evidence-based methods outputs according to their purposes:

Pre-Registrations. Are statements of research intentions, which generally ensure that studies are specified and researcher degrees of freedom limited before statistical inferences are undertaken. They buttress confirmatory studies with clear prescriptions a priori of the results being known.

Instruments. Empirical studies are at the mercy of the reliability and validity of the instruments employed in their execution. Hence, we evaluate existing instruments and develop new instruments ourselves.

Meta-Research. We engaged in the evaluation of the state-of-play of cyber security user studies, including analyses on reporting fidelity, reliability of results, meta-analyses and research synthesis.