Effectiveness of qualitative and quantitative security obligations. Journal of Information Security and Applications. 22:3–16.. 2015.
Examining the Contribution of Critical Visualisation to Information Security. New Security Paradigm Workshop (NSPW), Twente, The Netherlands. :1–14.. 2015.
Fault Trees on a Diet - Automated Reduction by Graph Rewriting. Proceedings of the First International Symposium on Dependable Software Engineering: Theories, Tools, and Applications (SETTA 2015), Nanjing, China. 9409:3–18.. 2015.
Formal Modelling and Analysis of Socio-Technical Systems. Semantics, Logics, and Calculi: Essays Dedicated to Hanne Riis Nielson and Flemming Nielson on the Occasion of Their 60th Birthdays. 9560:54–73.. 2015.
From Cybercrime to Cyborg Crime: Botnets as Hybrid Criminal Actor-Networks. British journal of Criminology. 55:1–18.. 2015.
Genetic Approximations for the Failure-Free Security Games. Decision and Game Theory for Security, 6th International Conference, GameSec 2015, London, UK. 9406:311–321.. 2015.
"If you were attacked, you'd be sorry": Counterfactuals as security arguments. New Security Paradigm Workshop (NSPW), Twente, Netherlands. :1–12.. 2015.
Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security. New Security Paradigm Workshop (NSPW), Twente, Netherlands. :1–15.. 2015.
Modeling and Analysing Socio-Technical Systems. 1st International Workshop on Socio-Technical Perspective in IS development (STPIS), Stockholm, Sweden. 1374:121–124.. 2015.
Modeling and Verification of Insider Threats Using Logical Analysis. IEEE Systems Journal. 99:1–12.. 2015.
Modelling Social-Technical Attacks with Timed Automata. Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (MIST), Denver, Colorado, US. :21–28.. 2015.
Pareto Efficient Solution of Attack-Defence Trees. 4th International Conference on Principles of Security and Trust, POST 2015, London, UK. 9036:95–114.. 2015.
The persuasion and security awareness experiment: reducing the success of social engineering attacks. Journal of Experimental Criminology. 11:97–115.. 2015.
A Probabilistic Analysis Framework for Malicious Insider Threats. Third International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS), Los Angeles, US. 9190:178–189.. 2015.
Quantitative Attack Tree Analysis via Priced Timed Automata. Proceedings of the 13th International Conference on Formal Modeling and Analysis of Timed Systems, FORMATS 2015, Madrid, Spain. 9268:156–171.. 2015.
Regression Nodes: Extending attack trees with data from social sciences. Workshop on Socio-Technical Aspects in Security and Trust (STAST), Verona, Italy.. 2015.
Security analysis of socio-technical physical systems. Computers & Electrical Engineering. online. 2015.
Security-by-Experiment: Lessons from Responsible Deployment in Cyberspace. Science and Engineering Ethics. N/A. 2015.
Sequential and Parallel Attack Tree Modelling. Computer Safety, Reliability, and Security - Proceedings of the SAFECOM 2015 Workshops, ASSURE, DECSoS. ISSE, ReSA4CI, and SASSUR, Delft, The Netherlands. 9338:291–299.. 2015.
Socio-Technical Security Metrics (Dagstuhl Seminar 14491). Dagstuhl Reports. 4:1–28.. 2015.
Tangible Modelling to Elicit Domain Knowledge: An Experiment and Focus Group. 34th International Conference, ER 2015, Stockholm, Sweden. 9381:558–565.. 2015.
Time dependent analysis with dynamic counter measure trees. Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015), London, England.. 2015.
Tool-based Risk Assessment of Cloud Infrastructures as Socio-Technical Systems. The Cloud Security Ecosystem. :495–517.. 2015.