Adversarial risks in social experiments with new technologies. Experimentation beyond the laboratory: new perspectives on technology.. 2017.
Fault trees on a diet: automated reduction by graph rewriting. Formal Aspects of Computing. online pre-publication:1–53.. 2017.
Priming and warnings are not effective to prevent social engineering attacks. Computers in Human Behavior. 66:75–87.. 2017.
Quantitative security and safety analysis with attack-fault trees. Proceeding of the 18th IEEE International Symposium on High Assurance Systems Engineering, Singapore.. 2017.
Uniform analysis of fault trees through model transformations. Proceedings of the 63rd Annual Reliabliity and Maintainability Symposium (RAMS 2017), Orlando, FL, USA.. 2017.
Analysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems. 12th International Workshop on Security and Trust Management, STM 2016, Heraklion, Crete, Greece. 9871:170–178.. 2016.
ArgueSecure: Out-of-the-box Risk Assessment. Proceedings of the 2015 IEEE 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Beijing, China.. 2016.
The Attack Navigator (Invited). Graphical Models for Security - Revised Selected Papers. 9390:1–17.. 2016.
Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0. 13th International Conference on Quantitative Evaluation of Systems, QEST 2016, Quebec City, QC, Canada. 9826:159–162.. 2016.
Automated Identification and Prioritization of Business Risks in e-service Networks. Proceedings of the 7th International Conference on Exploring Service Science, IESS 2016, Bucharest, Romania. 247:547–560.. 2016.
Automating Cyber Defence Responses Using Attack-Defence Trees and Game Theory. European Conference on Cyber Warfare and Security, ECCWS 2016, Munich, Germany. :163–172.. 2016.
Automating Defence Generation for Risk Assessment. 1st European Symposium on Security and Privacy, Saarbrücken, Germany. :Number6.. 2016.
Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. Third International Workshop GraMSec 2016, Lisbon, Portugal. :80–93.. 2016.
Cybersecurity as a Politikum: Implications of Security Discourses for Infrastructures. New Security Paradigms Workshop (NSPW), Colorado, USA.. 2016.
Enterprise Architecture-Based Risk and Security Modelling and Analysis. Third International Workshop, GraMSec 2016, Lisbon, Portugal. 9987:94–101.. 2016.
From A to Z: Developing a Visual Vocabulary for Information Security Threat Visualisation. Third International Workshop GraMSec 2016, Lisbon, Portugal. 9987:102–118.. 2016.
Generating attacks in SysML activity diagrams by detecting attack surfaces. Journal of Ambient Intelligence and Humanized Computing. 6:361–373.. 2016.
How to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems. Second International Workshop GraMSec 2015, Verona, Italy. 9390:55–65.. 2016.
Information Security Maturity as an Integral Part of ISMS based Risk Management Tools. SECURWARE 2016, The Tenth International Conference on Emerging Security Information, Systems and Technologies, Nice, France. :295–298.. 2016.
Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications. 11th International Conference on Critical Information Infrastructures Security (CRITIS), Paris, France.. 2016.
Maintenance analysis and optimization via statistical model checking: Evaluating a train pneumatic compressor. Proceedings of the 13th International Conference on Quantitative Evaluation of SysTems, QEST 2016, Québec City, Canada. 9826. 2016.
Modeling and Verification of Insider Threats Using Logical Analysis. IEEE Systems Journal.. 2016.
Modelling Attack-defense Trees Using Timed Automata. 14th International Conference on Formal Modeling and Analysis of Timed Systems, FORMATS 2016, Quebec, QC, Canada. 9884:35–50.. 2016.