Enterprise Architecture-Based Risk and Security Modelling and Analysis. Third International Workshop, GraMSec 2016, Lisbon, Portugal. 9987:94–101.. 2016.
Effectiveness of qualitative and quantitative security obligations. Journal of Information Security and Applications. 22:3–16.. 2015.
Examining the Contribution of Critical Visualisation to Information Security. New Security Paradigm Workshop (NSPW), Twente, The Netherlands. :1–14.. 2015.
Effectiveness of qualitative and quantitative security obligations. Journal of Information Security and Applications. to appear:1–14.. 2014.
Experiences with formal engineering: model-based specification, implementation and testing of a software bus at Neopost. Science of computer programming. 80:188–209.. 2014.
Experimenting with Incentives: Security in Pilots for Future Grids. IEEE Security & Privacy. 12:59–66.. 2014.
Externalizing Behaviour for Analysing System Models. Journal of Internet Services and Information Security. 3:52–62.. 2013.