• Publications
  • Influence
Model-Driven Risk Analysis - The CORAS Approach
TLDR
The term risk is known from many fields, and we are used to references to contractual risk, economic risk, operational risk, legal risk, security risk, and so forth. Expand
  • 358
  • 44
Model-based security analysis in seven steps — a guided tour to the CORAS method
TLDR
This paper presents the CORAS method for model-based security analysis. Expand
  • 202
  • 11
  • PDF
The CORAS methodology: model-based risk assessment using UML and UP
This chapter introduces the CORAS methodology in which Unified Modeling Language (UML) and Unified Process (UP) are combined to support a model-based risk assessment on security-critical systems. TheExpand
  • 69
  • 6
Towards a UML Profile for Model-Based Risk Assessment
TLDR
The EU-funded CORAS project (IST-2000-25031) is developing a framework for model-based risk assessment of security-critical systems. Expand
  • 61
  • 4
  • PDF
Model-based risk assessment – the CORAS approach
TLDR
The EU-funded CORAS project (IST-2000-25031) is developing a framework for model-based risk assessment of security-critical systems. Expand
  • 37
  • 4
  • PDF
A Guided Tour of the CORAS Method
TLDR
This chapter presents a guided tour of the CORAS method. Expand
  • 26
  • 4
  • PDF
A Fully General Operational Semantics for UML 2.0 Sequence Diagrams with Potential and Mandatory Choice
TLDR
We present an operational semantics for UML 2.0 sequence diagrams that we believe gives a solid starting point for developing methods for automated analysis. Expand
  • 44
  • 3
  • PDF
Risk Analysis of Changing and Evolving Systems Using CORAS
TLDR
We introduce general techniques and guidelines for managing risk in changing systems, and then instantiate these in the CORAS approach to model-driven risk analysis. Expand
  • 44
  • 2
  • PDF
Specifying Legal Risk Scenarios Using the CORAS Threat Modelling Language
TLDR
The paper makes two main contributions: (1) It presents experiences from using the CORAS language for security threat modelling to specify legal risk scenarios. Expand
  • 25
  • 2
  • PDF
...
1
2
3
4
5
...