Selected Publications

Atle Refsdal, Bjørnar Solhaug and Ketil Stølen. Security risk analysis of system changes exemplified within the oil and gas domain. International Journal on Software Tools for Technology Transfer, 2014 Model-driven risk analysis of evolving critical infrastructures. Journal of Ambient Intelligence and Humanized Computing, 5(2):187-204, 2014.	Springer page
Bjørnar Solhaug and Ketil Stølen. The CORAS Language - Why it is designed the way it is. In Safety, Reliability, Risk and Life-Cycle Performance of Structures and Infrastructures, proc. of 11th International Conference on Structural Safety & Reliability (ICOSSAR'13), pp. 3155-3162. CRC Press, 2013.
Bjørnar Solhaug and Fredrik Seehusen. Model-driven risk analysis of evolving critical infrastructures. Journal of Ambient Intelligence and Humanized Computing, 5(2):187-204, 2014.	Springer page
Fredrik Seehusen, Bjørnar Solhaug. Tool-supported risk modeling and analysis of evolving critical infrastructures. In Multidisciplinary Research and Practice for Information Systems (CD-ARES), LNCS 7465, pp. 562-577, 2012.
Mass Soldal Lund, Bjørnar Solhaug, Ketil Stølen. Risk analysis of changing and evolving systems using CORAS. Foundations of Security Analysis and Design VI (FOSAD'11), number 6858 in Lecture Notes in Computer Science, pages 231-274, Springer 2011.	pdf
Mass Soldal Lund, Bjørnar Solhaug, Ketil Stølen. Model-Driven Risk Analysis. The CORAS Approach. Springer, 2010.	Springer page
Atle Refsdal, Ketil Stølen. Employing key indicators to provide a dynamic risk picture with a notion of confidence. Trust Management III. Third IFIP WG 11.11 International Conference (IFIPTM 2009), pages 215-233, Springer, 2009.	pdf
Gyrd Brændeland, Heidi E. I. Dahl, Iselin Engan, Ketil Stølen. Using dependent CORAs diagams to analyse mutual dependency. In Second International Workshop on Critial Information Infrastructures Security (CRITIS'07), number 5141 in Lecture Notes in Computer Science, pages 135-148, Springer, 2008.	pdf
Heidi E. I. Dahl. The CORAS method for security risk analysis. Tutorial presentation at 7th Estonian Summer School on Computer and Systems Science in cooperation with the Nordic Network On DEpendable Systems (NODES), Otepää, Estonia, August 24-29, 2008.	pdf
Folker den Braber, Ida Hogganvik, Mass Soldal Lund, Ketil Stølen, Fredrik Vraalsen. Model-based security analysis in seven steps – a guided tour to the CORAS method. BT Technology Journal, 25(1):101-117, January 2007. (©2007 Springer)	pdf
Fredrik Vraalsen, Tobias Mahler, Mass Soldal Lund, Ida Hogganvik, Folker den Braber, Ketil Stølen. Assessing enterprise risk level: The CORAS approach. In, Djamel Khadraoui and Francine Merrmann (eds.), Advances in Enterprise Information Technology Security, chapter XVIII, pages 311-333, Information Science Reference, 2007.	link
Ida Hogganvik. A graphical approach to security risk analysis. PhD thesis, Faculty of Mathematics and Natural Sciences, University of Oslo, 2007.	pdf
Heidi E. I. Dahl, Ida Hogganvik, Ketil Stølen. Structured semantics for the CORAS security risk modelling language. In Pre-proceedings of the 2nd International Workshop on Interoperability solutions on Trust, Security, Policies and QoS for Enhanced Enterprise Systems (IS-TSPQ'07). Report B-2007-3, pages 79-92, Department of Computer Science, University of Helsinki, 2007.	pdf
Heidi E. I. Dahl and Ida Hogganvik and Ketil Stølen. Structured semantics for the CORAS security risk modelling language. Technical report STF07 A970, SINTEF Information and Communication Technology, 2007.	pdf
Ida Hogganvik, Ketil Stølen. A Graphical Approach to Risk Identification, Motivated by Empirical Investigations. In 9th International Conference on Model Driven Engineering Languages and Systems (MoDELS 2006), number 4199 in Lecture Notes in Computer Science, pages 574-588, Springer, 2006. (©2006 Springer)	pdf
UML Profile for Modeling Quality of Service and Fault Tolerance Characteristics and mechanisms. OMG document formal/06-05-02, Object Management Group, May 2006.	OMG

Page updated October 23, 2014