Publications

24 results
2016
[24]15 Years of Model-based Security Engineering with \UML\: Supporting Secure Evolution (Keynote) (), In Sixth International Symposium on Business Modeling and Software Design (BMSD 2016), . [bibtex]
[23]Consistency checks of design specifications against requirements using graph-based linguistic analysis (, and ), In Proceedings of the 31st Annual ACM Symposium on Applied Computing - SAC '16, ACM, . [bibtex] [pdf] [doi]
[22]How do we read specifications? experiences from an eye tracking study (, and ), In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer, volume 9619, . [bibtex] [doi]
2015
[21]The CoCoME Platform: A Research Note on Empirical Studies in Information System Evolution (, , , , , and ), Karlsruhe Institute of Technology, volume 25, . [bibtex] [pdf] [doi]
[20]Restoring Security of Long-Living Systems by Co-evolution (, , , , and ), In Proceedings - International Computer Software and Applications Conference, volume 2, . [bibtex] [doi]
[19]Preserving Validity of Batch-Job Nets under Change at Run-Time (, , and ), In Proceedings - International Computer Software and Applications Conference, volume 2, . [bibtex] [doi]
[18]A Platform for Empirical Research on Information System Evolution (, , , , , and ), In Proceedings of the 27th International Conference on Software Engineering and Knowledge Engineering (SEKE'15), KSI Research Inc., . [bibtex] [pdf] [doi]
[17]Restoring security of evolving software models using graph transformation (, and ), In International Journal on Software Tools for Technology Transfer, volume 17, . [bibtex] [doi]
2014
[16]Specifying model changes with UMLchange to support security verification of potential evolution (, , and ), In Computer Standards and Interfaces, Elsevier BV, volume 36, . [bibtex] [pdf] [doi]
[15]Maintaining requirements for long-living software systems by incorporating security knowledge (, , and ), In 2014 IEEE 22nd International Requirements Engineering Conference, RE 2014 - Proceedings, . [bibtex] [doi]
[14]Security Certification in the Presence of Evolution: Models vs. Code (Invited talk) (), In International Workshop on Safety and Formal Methods (SaFoMe@SEFM 2014), . [bibtex]
[13]Evolution of Security Engineering Artifacts (, , , , , , , , , , , , , , and ), In International Journal of Secure Software Engineering, volume 5, . [bibtex] [pdf] [doi]
[12]\M\odel-based \S\ecurity \E\ngineering with \UML\: \M\anaged \C\o-\E\volution of \S\ecurity \K\nowledge and \S\oftware \M\odels (, , , and ), In Foundations of Security Analysis and Desing VII: FOSAD Tutorial Lectures (Aldini, A, Lopez, J, Martinelli, F, eds.), volume 8604, . [bibtex]
[11]Versioning and Evolution Requirements for Model-Based System Development (, , , and ), In Proceedings of the International Workshop on Comparison and Versioning of Software Models (CVSM), . [bibtex]
[10]Using ontologies to analyze compliance requirements of cloud-based processes (, , , , and ), In Communications in Computer and Information Science, Springer, volume 453, . [bibtex] [doi]
[9]Towards Adaptation and Evolution of Domain-Specific Knowledge for Maintaining Secure Systems (, , , and ), In 15th Int. Conf. of Product Focused Software Development and Process Improvement (Profes'14), Springer, volume 8892, . [bibtex] [pdf] [doi]
[8]The SecReq approach: From Security Requirements to Secure Design while Managing Software Evolution ( and ), In Software Engineering (SE2014), GI, volume Lecture Notes in Informatics, . [bibtex]
[7]Semiautomatic security requirements engineering and evolution using decision documentation, heuristics, and user monitoring (, , , , and ), In 2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2014 - Proceedings, IEEE, . [bibtex] [doi]
[6]Zielgerichtete Anpassung von Software nach der Evolution von kontextspezifischem Wissen (, and ), In CEUR Workshop Proceedings, volume 1129, . [bibtex]
2013
[5]Model-centric Security Verification Subject to Evolution (), . [bibtex] [pdf]
[4]\C\apturing and \D\ocumentation of \D\ecisions in \S\ecurity \R\equirements \E\ngineering through \H\euristics (, , and ), . [bibtex]
2012
[3]Supporting security assurance in the context of evolution: Modular modeling and analysis with UMLsec ( and ), In Proceedings of IEEE International Symposium on High Assurance Systems Engineering, IEEE CS, . [bibtex] [doi]
[2]On modelling non-functional requirements evolution with UML ( and ), In Modelling and Quality in Requirements Engineering (Essays Dedicatedto Martin Glinz on the Occasion of His 60th Birthday), Verlagshaus Monsenstein und Vannerdat, . [bibtex]
2010
[1]Eliciting security requirements and tracing them to design: An integration of Common Criteria, heuristics, and UMLsec (, , , and ), In Requirements Engineering, volume 15, . [bibtex] [doi]

Previous Project-related Publications

11 results
2012
[11]Enhancing security requirements engineering by organizational learning (, , and ), In Requirements Engineering, Published online., volume 17, . [bibtex] [doi]
2011
[10]Generische Refactoring-Spezifikation für Korrektheitsbeweise in mehrsichtigen Modellsprachen (), PhD thesis, Universität Paderborn, . [bibtex]
[9]Run-time security traceability for evolving systems (, and ), In Computer Journal, Oxford Univ. Press, volume 54, . [bibtex] [doi]
2010
[8]From goal-driven security requirements engineering to secure design ( and ), In International Journal of Intelligent Systems, volume 25, . [bibtex] [doi]
[7]Eliciting security requirements and tracing them to design: An integration of Common Criteria, heuristics, and UMLsec (, , , and ), In Requirements Engineering, volume 15, . [bibtex] [doi]
2009
[6]Modeling and Improving Information Flows in the Development of Large Business Applications ( and ), In Software Architecture Knowledge Management, Springer, volume NA, . [bibtex]
[5]Refinement-Preserving Co-evolution ( and ), In Formal Methods and Software Engineering, 11th International Conference on Formal Engineering Methods, ICFEM 2009, Rio de Janeiro, Brazil, December 9-12, 2009. (Breitman, Karin, Cavalcanti, Ana, eds.), Springer, volume 5885, . [bibtex] [doi]
2008
[4]Using event-driven process chains for model-driven development of business applications (, , and ), In International Journal of Business Process Integration and Management, volume 3, . [bibtex] [pdf] [doi]
2007
[3]Model-based Security (, and ), In Engineering of Distributed Information Systems using UMLsec. 29th International Conference on Software Engineering (ICSE 2007), ACM, . [bibtex]
2006
[2]Rationale as a by-product (), In Rationale Management in Software Engineering, Springer, . [bibtex] [doi]
1996
[1]Prototypes as assets, not toys. Why and how to extract knowledge from prototypes (), In Proceedings of IEEE 18th International Conference on Software Engineering, . [bibtex] [pdf] [doi]