Publications
] .
2015. Transforming Graphical System Models To Graphical Attack Models. The Second International Workshop on Graphical Models for Security (GraMSec 2015), Verona, Italy. :1–15.
.
2015. Tangible Modelling to Elicit Domain Knowledge: An Experiment and Focus Group. 34th International Conference, ER 2015, Stockholm, Sweden. 9381:558–565.
.
2014. Argumentation-Based Security Requirements Elicitation: The Next Round. Proceedings of the 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Karlskrona, Sweden. :7–12.
.
2016. Automated Identification and Prioritization of Business Risks in e-service Networks. Proceedings of the 7th International Conference on Exploring Service Science, IESS 2016, Bucharest, Romania. 247:547–560.
.
2015. Using Value Models for Business Risk Analysis in e-Service Networks. 8th IFIP WG 8.1. Working Conference, PoEM 2015, Valencia, Spain. 235:239–253.
.
2016. ArgueSecure: Out-of-the-box Risk Assessment. Proceedings of the 2015 IEEE 2nd Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), Beijing, China.
.
2014. Modelling telecom fraud with e3value.
.
2015. Investigating the usability and utility of tangible modelling of socio-technical architectures.
.
2016. A study on tangible participative enterprise modelling. ER 2016 Workshops AHA, MoBID, MORE-BI, MReBA, QMMQ, and WM2SP, Gifu, Japan, November 14-17, 2016, Proceedings, Gifu, Japan. 9975:139–148.
.
2014. Context-sensitive Information security Risk identification and evaluation techniques. 22nd IEEE International Requirements Engineering Conference (RE14), Karlskrona, Sweden. :485–488.
.
2016. Value-Driven Risk Analysis of Coordination Models. 9th IFIP WG 8.1. Working Conference, PoEM 2015, Proceedings, Skovde, Sweden. 267:102–116.
.
2014. Meer vrouwen in de ict, waarom eigenlijk? Bits en chips. 9:20–21.
.
2016. The Value of Attack-Defence Diagrams. Proceedings of the 5th International Conference on Principles of Security and Trust, POST 2016, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Eindhoven, Netherlands. 9635:163–185.
.
2015. "If you were attacked, you'd be sorry": Counterfactuals as security arguments. New Security Paradigm Workshop (NSPW), Twente, Netherlands. :1–12.
.
2014. Logical Lego? Co-constructed perspectives on service design Proceedings of NordDesign 2014, Melbourne, Australia. :416–425.
.
2015. Critical visualization: a case for rethinking how we visualize risk and security. Journal of Cybersecurity. 1:93–108.
.
2015. Examining the Contribution of Critical Visualisation to Information Security. New Security Paradigm Workshop (NSPW), Twente, The Netherlands. :1–14.
.
2014. Modelling and analysis of Markov reward automata. Proceedings of the 12th International Symposium on Automated Technology for Verification and Analysis, ATVA 2014, Sydney, NSW, Australia. 8837:168–184.
.
2016. Understanding How Components of Organisations Contribute to Attacks. 21st Nordic Conference, NordSec 2016, Oulu, Finland. 10014:54–66.
.
2015. Socio-Technical Security Metrics (Dagstuhl Seminar 14491). Dagstuhl Reports. 4:1–28.
.
2016. How to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems. Second International Workshop GraMSec 2015, Verona, Italy. 9390:55–65.
.
2016. Towards Empirical Evaluation of Automated Risk Assessment Methods. 11th International Conference on Risks and Security of Internet and Systems, CRiSIS 2016, Roscoff, France.
.
2016. Modelling Attack-defense Trees Using Timed Automata. 14th International Conference on Formal Modeling and Analysis of Timed Systems, FORMATS 2016, Quebec, QC, Canada. 9884:35–50.
