Security Engineering: a Guide to Building Dependable Distributed Systems, 2001. ,
Characterising and Analysing Security Requirements Modelling Initiatives, 2011 Sixth International Conference on Availability, Reliability and Security, pp.710-715, 2011. ,
DOI : 10.1109/ARES.2011.113
A comparison of security requirements engineering methods, Requirements Engineering, vol.4, issue.2, pp.7-40, 2010. ,
DOI : 10.1007/s00766-009-0092-x
A systematic review of security requirements engineering, Computer Standards & Interfaces, vol.32, issue.4, pp.153-165, 2010. ,
DOI : 10.1016/j.csi.2010.01.006
Survey and analysis on Security Requirements Engineering, Computers & Electrical Engineering, vol.38, issue.6, pp.1785-1797, 2012. ,
DOI : 10.1016/j.compeleceng.2012.08.008
Towards a Measurement Framework for Security Risk Management, Modeling Security Workshop (MOD- SEC'08), in conjunction with the 11th International Conference on Model Driven Engineering Languages and Systems (MODELS'08), 2008. ,
UMLsec: extending UML for secure systems development. The Unified Modeling Language, Model Engineering, Languages Concepts and Tools, Fifth International Conference, 2002. ,
SecureUML: A UML-Based Modeling Language for Model-Driven Security. The Unified Modeling Language, Model Engineering , Languages Concepts and Tools, Fifth International Conference, 2002. ,
Stehney: Security quality requirements engineering (SQUARE) Methodology, Software Eng. Inst, 2005. ,
DOI : 10.1145/1083200.1083214
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.110.8758
Opdahl: Capturing security requirements by misuse cases, Presented at 14th Norwegian Informatics Conference (NIK'2001), 2001. ,
DOI : 10.1109/tools.2000.891363
Elaborating security requirements by construction of intentional anti-models, Proceedings. 26th International Conference on Software Engineering, pp.148-157, 2004. ,
DOI : 10.1109/ICSE.2004.1317437
SECURE TROPOS: A SECURITY-ORIENTED EXTENSION OF THE TROPOS METHODOLOGY, International Journal of Software Engineering and Knowledge Engineering, vol.17, issue.02, pp.285-309, 2007. ,
DOI : 10.1142/S0218194007003240
A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs, 2007. ,
DOI : 10.1007/978-3-540-75563-0_26
Strategies for developing policies and requirements for secure electronic commerce systems, 2000. ,
Model-based security analysis in seven steps ??? a guided tour to the CORAS method, BT Technology Journal, vol.24, issue.12, pp.101-117, 2007. ,
DOI : 10.1007/s10550-007-0013-9
Zannone: From trust to dependability through risk analysis, Proceedings of the international conference on availability, reliability and security (AReS, pp.19-26, 2007. ,
DOI : 10.1109/ares.2007.93
Towards a risk-based security requirements engineering framework, Proceedings of the 11th international workshop on requirements engineering: foundation for software quality (REFSQ05), in conjunction with the 17th conference on advanced information systems engineering (CAiSE05), 2005. ,
Applying a Security Requirements Engineering Process, Proceedings of the 11th European conference on Research in Computer Security, pp.192-206, 2006. ,
DOI : 10.1007/11863908_13
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.1028.592
ISO/IEC 27005:2011 Information technology ? Security techniques ? Information security risk management, 2010. ,
Bast: MDA explainedthe model driven architecture: practice and promise, 2003. ,
A systematic review of transformation approaches between user requirements and analysis models. Requirements Engineering, v.16 n.2, pp.75-99, 2011. ,
An approach based on Model-driven Engineering to define Security Policies using the access control model OrBAC.The Eight International Workshop on Frontiers in Availability, Reliability and Security (FARES 2013), conjonction with the 8th ARES Conference, pp.2-6, 2013. ,
From KAOS to RBAC: A Case Study in Designing Access Control Rules from a Requirements Analysis, 2011 Conference on Network and Information Systems Security, 2011. ,
DOI : 10.1109/SAR-SSI.2011.5931378
URL : https://hal.archives-ouvertes.fr/hal-00860807
Towards a Comprehensive Framework for Secure Systems Development, 18th International Conference on Advanced Information Systems Engineering, 2006. ,
DOI : 10.1007/11767138_5
Using Requirements Engineering in an Automatic Security Policy Derivation Process, 2011. ,
DOI : 10.1007/978-3-642-28879-1_11
URL : https://hal.archives-ouvertes.fr/hal-00738844
Software Security Engineering: A Guide for Project Managers, 2004. ,
Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development, Proceedings of the 20th International Conference on Advanced Information Systems Engineering, pp.541-555, 2008. ,
DOI : 10.1007/978-3-540-69534-9_40
Aagedal: The CORAS methodology: model-based risk assessment using UML and UP, UML and the Unified Process, pp.332-357, 2003. ,
Using Abuse Frames to Bound the Scope of Security Problems, Proceedings of the 12th IEEE international Conference on Requirements Engineering, pp.354-355, 2004. ,
A Security Engineering Process based on Patterns, 18th International Conference on Database and Expert Systems Applications (DEXA 2007), pp.734-738, 2007. ,
DOI : 10.1109/DEXA.2007.36
A Problem-Based Threat Analysis in Compliance with Common Criteria, 2013 International Conference on Availability, Reliability and Security, pp.111-120, 2013. ,
DOI : 10.1109/ARES.2013.21
Security Requirements Engineering: A Framework for Representation and Analysis, IEEE Transactions on Software Engineering, vol.34, issue.1, p.133, 2008. ,
DOI : 10.1109/TSE.2007.70754
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.210.512