{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T12:44:35Z","timestamp":1756385075796,"version":"3.40.3"},"publisher-location":"Cham","reference-count":68,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319748597"},{"type":"electronic","value":"9783319748603"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-74860-3_9","type":"book-chapter","created":{"date-parts":[[2018,1,18]],"date-time":"2018-01-18T04:34:39Z","timestamp":1516250079000},"page":"115-126","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["New Directions in Attack Tree Research: Catching up with Industrial Needs"],"prefix":"10.1007","author":[{"given":"Olga","family":"Gadyatskaya","sequence":"first","affiliation":[]},{"given":"Rolando","family":"Trujillo-Rasua","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,1,19]]},"reference":[{"key":"9_CR1","unstructured":"Amenaza: Creating secure systems through attack tree modeling (2003). http:\/\/www.amenaza.com\/"},{"key":"9_CR2","unstructured":"ANSSI: EBIOS \u2013 Expression des Besoins et Identification des Objectifs de Securite (2010)"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Arnold, F., Guck, D., Kumar, R., Stoelinga, M.: Sequential and parallel attack tree modelling. In: Proceedings of SAFECOMP and Workshops, pp. 291\u2013299 (2015)","DOI":"10.1007\/978-3-319-24249-1_25"},{"key":"9_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-662-46666-7_6","volume-title":"Principles of Security and Trust","author":"Z Aslanyan","year":"2015","unstructured":"Aslanyan, Z., Nielson, F.: Pareto efficient solutions of attack-defence trees. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 95\u2013114. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46666-7_6"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Aslanyan, Z., Nielson, F., Parker, D.: Quantitative verification and synthesis of attack-defence scenarios. In: Proceedings of CSF. IEEE (2016)","DOI":"10.1109\/CSF.2016.15"},{"key":"9_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/978-3-319-46263-9_2","volume-title":"Graphical Models for Security","author":"M Audinot","year":"2016","unstructured":"Audinot, M., Pinchinat, S.: On the soundness of attack trees. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 25\u201338. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-46263-9_2"},{"issue":"2","key":"9_CR7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/jsse.2012040101","volume":"3","author":"A Bagnato","year":"2012","unstructured":"Bagnato, A., Kordy, B., Meland, P.H., Schweitzer, P.: Attribute decoration of attack-defense trees. Int. J. Secure Softw. Eng. (IJSSE) 3(2), 1\u201335 (2012)","journal-title":"Int. J. Secure Softw. Eng. (IJSSE)"},{"key":"9_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/11962977_19","volume-title":"Critical Information Infrastructures Security","author":"A Buldas","year":"2006","unstructured":"Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235\u2013248. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11962977_19"},{"key":"9_CR9","unstructured":"Bundesamt fur Sicherheit in der Informationstechnik: IT-Grundschutz-Catalogues, 13th version (2013)"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Buyens, K., De Win, B., Joosen, W.: Empirical and statistical analysis of risk analysis-driven techniques for threat management. In: Proceedings of ARES. IEEE (2007)","DOI":"10.1109\/ARES.2007.78"},{"key":"9_CR11","unstructured":"Buzan, T., Buzan, B.: The mind map book: how to use radiant thinking to maximize your brain\u2019s untapped potential. Plume, reprint edn., Mar 1996. http:\/\/www.amazon.com\/exec\/obidos\/redirect?tag=citeulike07-20&path=ASIN\/0452273226"},{"issue":"4","key":"9_CR12","doi-asserted-by":"crossref","first-page":"12","DOI":"10.1109\/MCG.2005.91","volume":"25","author":"C Chen","year":"2005","unstructured":"Chen, C.: Top 10 unsolved information visualization problems. IEEE Comput. Graph. Appl. 25(4), 12\u201316 (2005)","journal-title":"IEEE Comput. Graph. Appl."},{"key":"9_CR13","unstructured":"Cleveland, W.: The elements of graphing data. AT&T Bell Laboratories (1994)"},{"issue":"3","key":"9_CR14","doi-asserted-by":"crossref","first-page":"621","DOI":"10.1147\/sj.453.0621","volume":"45","author":"K Czarnecki","year":"2006","unstructured":"Czarnecki, K., Helsen, S.: Feature-based survey of model transformation approaches. IBM Syst. J. 45(3), 621\u2013645 (2006)","journal-title":"IBM Syst. J."},{"key":"9_CR15","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-319-48393-1_24","volume-title":"The Practice of Enterprise Modeling","author":"M Fraile","year":"2016","unstructured":"Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R., Stoelinga, M., Trujillo-Rasua, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM: a case study. In: Horkoff, J., Jeusfeld, M.A., Persson, A. (eds.) PoEM 2016. LNBIP, vol. 267, pp. 326\u2013334. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-48393-1_24"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1007\/978-3-319-29968-6_4","volume-title":"Graphical Models for Security","author":"O Gadyatskaya","year":"2016","unstructured":"Gadyatskaya, O.: How to generate security cameras: towards defence generation for socio-technical systems. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 50\u201365. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_4"},{"key":"9_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-319-44878-7_3","volume-title":"Formal Modeling and Analysis of Timed Systems","author":"O Gadyatskaya","year":"2016","unstructured":"Gadyatskaya, O., Hansen, R.R., Larsen, K.G., Legay, A., Olesen, M.C., Poulsen, D.B.: Modelling attack-defense trees using timed automata. In: Fr\u00e4nzle, M., Markey, N. (eds.) FORMATS 2016. LNCS, vol. 9884, pp. 35\u201350. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-44878-7_3"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/978-3-319-46263-9_5","volume-title":"Graphical Models for Security","author":"O Gadyatskaya","year":"2016","unstructured":"Gadyatskaya, O., Harpes, C., Mauw, S., Muller, C., Muller, S.: Bridging two worlds: reconciling practical risk assessment methodologies with theory of attack trees. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 80\u201393. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-46263-9_5"},{"key":"9_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-319-43425-4_10","volume-title":"Quantitative Evaluation of Systems","author":"O Gadyatskaya","year":"2016","unstructured":"Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: Agha, G., Van Houdt, B. (eds.) QEST 2016. LNCS, vol. 9826, pp. 159\u2013162. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-43425-4_10"},{"key":"9_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1007\/978-3-319-68063-7_11","volume-title":"Security and Trust Management","author":"O Gadyatskaya","year":"2017","unstructured":"Gadyatskaya, O., Jhawar, R., Mauw, S., Trujillo-Rasua, R., Willemse, T.A.C.: Refinement-aware generation of attack trees. In: Livraga, G., Mitchell, C. (eds.) STM 2017. LNCS, vol. 10547, pp. 164\u2013179. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68063-7_11"},{"key":"9_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1007\/978-3-319-04897-0_13","volume-title":"Engineering Secure Software and Systems","author":"H Ghani","year":"2014","unstructured":"Ghani, H., Luna Garcia, J., Petkov, I., Suri, N.: User-centric security assessment of software configurations: a case study. In: J\u00fcrjens, J., Piessens, F., Bielova, N. (eds.) ESSoS 2014. LNCS, vol. 8364, pp. 196\u2013212. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-04897-0_13"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Hall, P., Heath, C., Coles-Kemp, L., Tanner, A.: Examining the contribution of critical visualisation to information security. In: Proceedings of NSPW. ACM (2015)","DOI":"10.1145\/2841113.2841118"},{"issue":"11","key":"9_CR23","doi-asserted-by":"crossref","first-page":"1813","DOI":"10.1111\/j.1539-6924.2011.01636.x","volume":"31","author":"I Hogganvik Gr\u00f8ndahl","year":"2011","unstructured":"Hogganvik Gr\u00f8ndahl, I., Lund, M.S., St\u00f8len, K.: Reducing the effort to comprehend risk models: text labels are often preferred over graphical means. Risk Anal. 31(11), 1813\u20131831 (2011)","journal-title":"Risk Anal."},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1007\/978-3-319-29968-6_6","volume-title":"Graphical Models for Security","author":"MG Ivanova","year":"2016","unstructured":"Ivanova, M.G., Probst, C.W., Hansen, R.R., Kamm\u00fcller, F.: Transforming graphical system models to graphical attack models. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 82\u201396. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_6"},{"key":"9_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1007\/978-3-319-46598-2_10","volume-title":"Security and Trust Management","author":"R Jhawar","year":"2016","unstructured":"Jhawar, R., Lounis, K., Mauw, S.: A stochastic framework for quantitative analysis of attack-defense trees. In: Barthe, G., Markatos, E., Samarati, P. (eds.) STM 2016. LNCS, vol. 9871, pp. 138\u2013153. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-46598-2_10"},{"key":"9_CR26","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1007\/978-3-319-18467-8_23","volume-title":"ICT Systems Security and Privacy Protection","author":"R Jhawar","year":"2015","unstructured":"Jhawar, R., Kordy, B., Mauw, S., Radomirovi\u0107, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339\u2013353. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-18467-8_23"},{"issue":"3","key":"9_CR27","doi-asserted-by":"crossref","first-page":"294","DOI":"10.1016\/j.infsof.2013.10.004","volume":"56","author":"P Karpati","year":"2014","unstructured":"Karpati, P., Redda, Y., Opdahl, A., Sindre, G.: Comparing attack trees and misuse cases in an industrial setting. Inf. Softw. Technol. 56(3), 294\u2013308 (2014)","journal-title":"Inf. Softw. Technol."},{"key":"9_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-3-642-37682-5_5","volume-title":"Information Security and Cryptology \u2013 ICISC 2012","author":"B Kordy","year":"2013","unstructured":"Kordy, B., Mauw, S., Schweitzer, P.: Quantitative questions on attack\u2013defense trees. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 49\u201364. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-37682-5_5"},{"key":"9_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1007\/978-3-319-54876-0_8","volume-title":"Risks and Security of Internet and Systems","author":"B Kordy","year":"2017","unstructured":"Kordy, B., Kordy, P., van den Boom, Y.: SPTool \u2013 equivalence checker for SAND attack trees. In: Cuppens, F., Cuppens, N., Lanet, J.-L., Legay, A. (eds.) CRiSIS 2016. LNCS, vol. 10158, pp. 105\u2013113. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-54876-0_8"},{"key":"9_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/978-3-642-40196-1_15","volume-title":"Quantitative Evaluation of Systems","author":"B Kordy","year":"2013","unstructured":"Kordy, B., Kordy, P., Mauw, S., Schweitzer, P.: ADTool: security analysis with attack\u2013defense trees. In: Joshi, K., Siegle, M., Stoelinga, M., D\u2019Argenio, P.R. (eds.) QEST 2013. LNCS, vol. 8054, pp. 173\u2013176. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40196-1_15"},{"issue":"1","key":"9_CR31","doi-asserted-by":"crossref","first-page":"55","DOI":"10.1093\/logcom\/exs029","volume":"24","author":"B Kordy","year":"2014","unstructured":"Kordy, B., Mauw, S., Radomirovi\u0107, S., Schweitzer, P.: Attack-defense trees. J. Log. Comput. 24(1), 55\u201387 (2014). http:\/\/people.rennes.inria.fr\/Barbara.Kordy\/papers\/ADT12.pdf","journal-title":"J. Log. Comput."},{"key":"9_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-319-22975-1_11","volume-title":"Formal Modeling and Analysis of Timed Systems","author":"R Kumar","year":"2015","unstructured":"Kumar, R., Ruijters, E., Stoelinga, M.: Quantitative attack tree analysis via priced timed automata. In: Sankaranarayanan, S., Vicario, E. (eds.) FORMATS 2015. LNCS, vol. 9268, pp. 156\u2013171. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22975-1_11"},{"key":"9_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-319-54045-0_15","volume-title":"Requirements Engineering: Foundation for Software Quality","author":"K Labunets","year":"2017","unstructured":"Labunets, K., Massacci, F., Paci, F.: On the equivalence between graphical and tabular representations for security risk assessment. In: Gr\u00fcnbacher, P., Perini, A. (eds.) REFSQ 2017. LNCS, vol. 10153, pp. 191\u2013208. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-54045-0_15"},{"key":"9_CR34","doi-asserted-by":"crossref","unstructured":"Labunets, K., Massacci, F., Paci, F.: An experimental comparison of two risk-based security methods. In: Proceedings of ESEM. pp. 163\u2013172. IEEE (2013)","DOI":"10.1109\/ESEM.2013.29"},{"issue":"6","key":"9_CR35","doi-asserted-by":"crossref","first-page":"3017","DOI":"10.1007\/s10664-017-9502-8","volume":"22","author":"K Labunets","year":"2017","unstructured":"Labunets, K., Massacci, F., Paci, F., Marczak, S., de Oliveira, F.: Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations. Empir. Softw. Eng. 22(6), 3017\u20133056 (2017)","journal-title":"Empir. Softw. Eng."},{"issue":"9","key":"9_CR36","doi-asserted-by":"crossref","first-page":"1520","DOI":"10.1109\/TVCG.2011.279","volume":"18","author":"H Lam","year":"2012","unstructured":"Lam, H., Bertini, E., Isenberg, P., Plaisant, C., Carpendale, S.: Empirical studies in information visualization: seven scenarios. IEEE Trans. Vis. Comput. Graph. 18(9), 1520\u20131536 (2012)","journal-title":"IEEE Trans. Vis. Comput. Graph."},{"key":"9_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-319-46263-9_7","volume-title":"Graphical Models for Security","author":"E Li","year":"2016","unstructured":"Li, E., Barendse, J., Brodbeck, F., Tanner, A.: From A to Z: developing a visual vocabulary for information security threat visualisation. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 102\u2013118. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-46263-9_7"},{"key":"9_CR38","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"332","DOI":"10.1007\/978-3-662-43745-2_23","volume-title":"Enterprise, Business-Process and Information Systems Modeling","author":"R Matulevi\u010dius","year":"2014","unstructured":"Matulevi\u010dius, R.: Model comprehension and stakeholder appropriateness of security risk-oriented modelling languages. In: Bider, I., Gaaloul, K., Krogstie, J., Nurcan, S., Proper, H.A., Schmidt, R., Soffer, P. (eds.) BPMDS\/EMMSAD -2014. LNBIP, vol. 175, pp. 332\u2013347. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-43745-2_23"},{"key":"9_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/11734727_17","volume-title":"Information Security and Cryptology - ICISC 2005","author":"S Mauw","year":"2006","unstructured":"Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186\u2013198. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11734727_17"},{"key":"9_CR40","unstructured":"Microsoft: Threat modeling (2003). https:\/\/msdn.microsoft.com\/en-us\/library\/ff648644.aspx"},{"key":"9_CR41","unstructured":"Nielsen, J.: Evaluating information assurance control effectiveness on an air force supervisory control and data acquisition (SCADA) system. Technical report, DTIC Document (2011)"},{"key":"9_CR42","unstructured":"NIST: Special Publication 800-53 Revision 4. Security and privacy controls for federal information systems and organizations (2013). http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-53r4.pdf"},{"issue":"5","key":"9_CR43","doi-asserted-by":"crossref","first-page":"916","DOI":"10.1016\/j.infsof.2008.05.013","volume":"51","author":"AL Opdahl","year":"2009","unstructured":"Opdahl, A.L., Sindre, G.: Experimental comparison of attack trees and misuse cases for security threat identification. Inf. Softw. Technol. 51(5), 916\u2013932 (2009)","journal-title":"Inf. Softw. Technol."},{"key":"9_CR44","unstructured":"OWASP: CISO AppSec guide: criteria for managing application security risks (2013)"},{"key":"9_CR45","unstructured":"Schweitzer, P.: Attack\u2013defense trees. Ph.D. thesis, University of Luxembourg (2013)"},{"key":"9_CR46","doi-asserted-by":"crossref","unstructured":"Paul, S.: Towards automating the construction & maintenance of attack trees: a feasibility study. In: Proceedings of GraMSec (2014)","DOI":"10.4204\/EPTCS.148.3"},{"issue":"3","key":"9_CR47","first-page":"165","volume":"19","author":"S Paul","year":"2014","unstructured":"Paul, S., Vignon-Davillier, R.: Unifying traditional risk assessment approaches with attack trees. J. Inf. Secur. Appl. 19(3), 165\u2013181 (2014)","journal-title":"J. Inf. Secur. Appl."},{"issue":"3","key":"9_CR48","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1109\/MSP.2016.47","volume":"14","author":"W Pieters","year":"2016","unstructured":"Pieters, W., Barendse, J., Ford, M., Heath, C., Probst, C.W., Verbij, R.: The navigation metaphor in security economics. IEEE Secur. Priv. 14(3), 14\u201321 (2016)","journal-title":"IEEE Secur. Priv."},{"key":"9_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/978-3-319-17016-9_13","volume-title":"Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance","author":"W Pieters","year":"2015","unstructured":"Pieters, W., Davarynejad, M.: Calculating adversarial risk from attack trees: control strength and probabilistic attackers. In: Garcia-Alfaro, J., Herrera-Joancomart\u00ed, J., Lupu, E., Posegga, J., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM\/QASA\/SETOP -2014. LNCS, vol. 8872, pp. 201\u2013215. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-17016-9_13"},{"key":"9_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/978-3-319-15201-1_24","volume-title":"Software Engineering and Formal Methods","author":"S Pinchinat","year":"2015","unstructured":"Pinchinat, S., Acher, M., Vojtisek, D.: Towards synthesis of attack trees for supporting computer-aided risk analysis. In: Canal, C., Idani, A. (eds.) SEFM 2014. LNCS, vol. 8938, pp. 363\u2013375. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-15201-1_24"},{"key":"9_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-319-29968-6_7","volume-title":"Graphical Models for Security","author":"S Pinchinat","year":"2016","unstructured":"Pinchinat, S., Acher, M., Vojtisek, D.: ATSyRa: an integrated environment for synthesizing attack trees. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 97\u2013101. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_7"},{"key":"9_CR52","unstructured":"Fredslund, M.P.: Automated synthesis of attack-defense trees using a library of component attacks. Master thesis, University of Luxembourg (2015)"},{"key":"9_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-29968-6_1","volume-title":"Graphical Models for Security","author":"CW Probst","year":"2016","unstructured":"Probst, C.W., Willemson, J., Pieters, W.: The attack navigator. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 1\u201317. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_1"},{"key":"9_CR54","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1145\/264216.264222","volume":"2","author":"HC Purchase","year":"1997","unstructured":"Purchase, H.C., Cohen, R.F., James, M.I.: An experimental study of the basis for graph drawing algorithms. J. Exp. Algorithmics (JEA) 2, 4 (1997)","journal-title":"J. Exp. Algorithmics (JEA)"},{"key":"9_CR55","doi-asserted-by":"crossref","unstructured":"Roy, A., Kim, D.S., Trivedi, K.: Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees. In: Proceedings of DSN. IEEE (2012)","DOI":"10.1109\/DSN.2012.6263940"},{"issue":"4","key":"9_CR56","first-page":"124","volume":"23","author":"V Saini","year":"2008","unstructured":"Saini, V., Duan, Q., Paruchuri, V.: Threat modeling using attack trees. J. Comput. Sci. Coll. 23(4), 124\u2013131 (2008)","journal-title":"J. Comput. Sci. Coll."},{"issue":"12","key":"9_CR57","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees. Dr. Dobb\u2019s J. Softw. Tools 24(12), 21\u201329 (1999). http:\/\/www.ddj.com\/security\/184414879","journal-title":"Dr. Dobb\u2019s J. Softw. Tools"},{"key":"9_CR58","volume-title":"Secrets and Lies: Digital Security in a Networked World","author":"B Schneier","year":"2011","unstructured":"Schneier, B.: Secrets and Lies: Digital Security in a Networked World. Wiley, New York (2011)"},{"key":"9_CR59","volume-title":"Threat Modeling: Designing for Security","author":"A Shostack","year":"2014","unstructured":"Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)"},{"issue":"1","key":"9_CR60","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1145\/1044834.1044837","volume":"14","author":"I Sommerville","year":"2005","unstructured":"Sommerville, I., Ransom, J.: An empirical study of industrial requirements engineering process assessment and improvement. ACM Trans. Softw. Eng. Methodol. 14(1), 85\u2013117 (2005)","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"9_CR61","doi-asserted-by":"crossref","unstructured":"Staheli, D., Yu, T., Crouser, R.J., Damodaran, S., Nam, K., O\u2019Gwynn, D., McKenna, S., Harrison, L.: Visualization evaluation for cyber security: trends and future directions. In: Proceedings of VizSec. ACM (2014)","DOI":"10.1145\/2671491.2671492"},{"key":"9_CR62","unstructured":"Synopsis: How mapping the Ocean\u2019s Eleven heist can make you better at application security testing (2015). https:\/\/www.synopsys.com\/blogs\/software-security\/oceans-eleven-make-you-better-at-application-security-testing\/"},{"key":"9_CR63","doi-asserted-by":"crossref","unstructured":"Ten, C.W., Liu, C.C., Govindarasu, M.: Vulnerability assessment of cybersecurity for scada systems using attack trees. In: Power Engineering Society General Meeting. IEEE (2007)","DOI":"10.1109\/PES.2007.385876"},{"key":"9_CR64","doi-asserted-by":"crossref","unstructured":"T\u00f8ndel, I.A., Jensen, J., R\u00f8stad, L.: Combining misuse cases with attack trees and security activity models. In: Proceedings of ARES. pp. 438\u2013445. IEEE (2010)","DOI":"10.1109\/ARES.2010.101"},{"key":"9_CR65","unstructured":"TREsPASS: Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security, FP7 project, grant agreement 318003 (2012\u20132016). http:\/\/www.trespass-project.eu\/"},{"key":"9_CR66","doi-asserted-by":"crossref","unstructured":"Vigo, R., Nielson, F., Nielson., H.R.: Automated generation of attack trees. In: Proceedings of CSF. IEEE (2014)","DOI":"10.1109\/CSF.2014.31"},{"key":"9_CR67","volume-title":"Risk Analysis: A Quantitative Guide","author":"D Vose","year":"2008","unstructured":"Vose, D.: Risk Analysis: A Quantitative Guide. Wiley, New York (2008)"},{"key":"9_CR68","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29044-2","volume-title":"Experimentation in Software Engineering","author":"C Wohlin","year":"2012","unstructured":"Wohlin, C., Runeson, P., H\u00f6st, M., Ohlsson, M., Regnell, B., Wessl\u00e9n, A.: Experimentation in Software Engineering. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29044-2"}],"container-title":["Lecture Notes in Computer Science","Graphical Models for Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-74860-3_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,9]],"date-time":"2019-10-09T09:59:29Z","timestamp":1570615169000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-74860-3_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319748597","9783319748603"],"references-count":68,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-74860-3_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}