Conference / Workshop Publications

Dasanayake, S., Markkula, M., Aaramaa, S. & Oivo, M. (2015) Software Architecture Decision-making Practices and Challenges: An Industrial Case Study24th Australasian Software Engineering Conference (ASWEC), Adelaide, Australia, 28 September – 02 October 2015

Aaramaa, S., Saukkonen, S., Hyysalo, J., Similä, J., Kuvaja, P. & Oivo, M. (2015) Design for Excellence in the Context of Very Large-Scale Requirements Engineering. 11th International Conference on Software Engineering and Applications (ICSOFT-EA), Colmar, France, July 20-22, 2015

Khelladi, D., Hebig, R., Bendraou, R., Robin, J. &  Gervais, M. (2015). Detecting Complex Changes During Metamodel Evolution. 27th International Conference on Advanced Information Systems Engineering (CAiSE), Stockholm, Sweden, June 2014

Wiander, T., Hämäläinen, M. & Martikka, E. (2015) Computer Security and Safeguards. International Conference on Computer Security in a Nuclear World, Vienna, Austria, 1-5 June 2015

Valkama, R. & Wiander, T. (2015) Transition into digital industrial automation and control systems within the nuclear regime. International Conference on Computer Security in a Nuclear World, Vienna, Austria, 1-5 June 2015

Holappa, J., Aalto-Setälä, S. & Wiander, T. (2015) Threat-based computer security supervisory oversight process. International Conference on Computer Security in a Nuclear World, Vienna, Austria, 1-5 June 2015

Paul, S. & Rioux, L. (2015) Over 20 Years of Research in Cybersecurity and Safety Engineering: a short Bibliography. 6th International Conference on Safety and Security Engineering (SAFE). Opatija, Croatia, May 2015.

Paul, S. (2015) On the Meaning of Security for Safety (S4S)6th International Conference on Safety and Security Engineering (SAFE). Opatija, Croatia, May 2015.

Sion, L., Yskout, K., van den Berghe, A., Scandariato, R. & Joosen, W. (2015) MASC: Modelling architectural security concernsModelling in Software Engineering (MiSE), Florence, 16-17 May 2015

Khelladi, D., Bendraou, R., Baarir, S. &  Laurent, Y. (2015). A framework to formally verify conformance of a software process to a software method30th ACM/SIGAPP Symposium On Applied Computing (SAC), Spain, April 2015

Martikka, E., Hack, T., Honkamaa, T., Hämäläinen, M. & Wiander, T. (2015) Challenges to the effective implementation of the 3S – Safety, Security and Safeguards – approach with some practical experiences. XIX Amaldi Conference on International Cooperation for Enhancing Nuclear Safety, Security, Safeguards and Non-proliferation. Rome Italy, 30 – 31 March 2015

Brunel J., Chemouil, D., Rioux, L., Bakkali, M. & Vallée, F. (2014) A Viewpoint-Based Approach for Formal Safety & Security Assessment of System Architectures11th Workshop on Model-Driven Engineering, Verification and Validation, Spain, Sep 2014.

Vallée, F., Bakkali, M. & Briones J. F. (2014) MERgE AVIONICS USE CASE: Example of an integrated safety toolchainLambda Mu 2014, Dijon, France, October 2014

Hovsepyan, A., Van Landuyt, D., Op de beeck, S., Michiels, S., Joosen, W., Rangel, G., Briones, J. F. & Depauw, J. (2014) Model-Driven Software Development of Safety-Critical Avionics Systems: an Experience Report1st International Workshop on Model-Driven Development Processes and Practices co-located with ACM/IEEE 17th International Conference on Model Driven Engineering Languages & Systems (MoDELS 2014) , volume 1249, Valencia, SPAIN, 28 September 2014

Van Landuyt, D., Op de beeck, S., Hovsepyan, A., Michiels, S., Joosen, W., Meynckens, S., de Jong, G., Barais, O. & Acher, M. (2014) Towards managing variability in the safety design of an automotive hall effect sensor. In Proceedings of the 18th International Software Product Line Conference, Florence, September 15-19, 2014

Laurent, Y., Bendraou, R., Baarir, S. &  Gervais, M. (2014). Alloy4SPV : A Formal Framework for Software Process Verification10th European Conference on Modelling Foundations and Applications, York, UK, 21-25 July 2014

Dasanayake, S., Markkula, J., & Oivo, M. (2014). Concerns in Software Development – A Systematic Mapping Study. In Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering (EASE 2014), (pp. 197-200). ACM.

Laurent, Y., Bendraou, R., Baarir, S. &  Gervais, M. (2014). Formalization of fUML: An Application to Process Verification26th International Conference on Advanced Information Systems Engineering (CAiSE), Thessaloniki, Greece, 16-20 June 2014

Paul, S. (2014). Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study. In Proceedings of the 1st International Workshop on Graphical Models for Security (GraMSec 2014) co-located with The European Joint Conferences on Theory and Practice of Software (ETAPS 2014), (pp. 31-46). arXiv.org.

Beslic, A., Bendraou, R., Sopena, J., & Rigolet, J. Y. (2013). Towards a solution avoiding Vendor Lock-in to enable Migration Between Cloud Platforms. In Proceedings of the 2nd International Workshop on Model-Driven Engineering for High Performance and CLoud computing (MDHPCL 2013) co-located with 16th International Conference on Model Driven Engineering Languages and Systems (MODELS 2013),(pp. 5-14). CEUR-WS.org.

Fall, I., Bendraou, R., Gervais, M. P., & Blanc, X. (2013). Towards a Full Specification and Use of Overlap Relationships between Work Products in MDE Software Processes. In IEEE 22nd International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), (pp. 209-217). IEEE.

Bergomi, F., Paul, S., Solhaug, B., & Vignon-Davillier, R. (2013). Beyond Traceability: Compared Approaches to Consistent Security Risk Assessments. In Eighth International Conference on Availability, Reliability and Security (ARES), (pp. 814-820). IEEE.

Laurent, Y., Bendraou, R., & Gervais, M. P. (2013). Generation of process using multi-objective genetic algorithm. In Proceedings of the 2013 International Conference on Software and System Process, (pp. 161-165). ACM.

Juuso, A., Takanen, A., & Kittilä, K. (2013). Proactive Cyber Defense: Understanding and Testing for Advanced Persistent Threats (APTs) In Proceedings of the European Conference on Informations Warfare and Security (pp. 383). ACPI Press.

 

Journal Articles and Book Chapters

Falleri, J.R., Blanc, X, Bendraou, R. Almeida, M.A. & Teyton, C. (2014). Incremental inconsistencies detection in low memory overhead In Journal of Software Practice and Experience, 44(5)

Almeida Da Silva, M. A., Blanc, X., Bendraou, R., & Gervais, M. P. (2013). Experiments on the impact of deviations to process execution. In Ingénierie des systèmes d’information, 18(3), 95-119.

Aaramaa, S., Kinnunen, T., Lehto, J., & Taušan, N. (2013). Managing Constant Flow of Requirements: Screening Challenges in Very Large-Scale Requirements Engineering. In Product-Focused Software Process Improvement (pp. 123-137). Springer Berlin Heidelberg.

 

Training / Workshop Presentations

TGS (2015, June). Transformations, Patterns, Version Control: Where there is modeling, there is merging. Presented at Eclipse Con France, Eclipse Con France.

Bendraou, R. (2013, June). Alloy4SPV: a Framework for Software Processes Verification. Presented at MDDay at LIP6/UPMC, Paris, Finland.

STUK (2013, May). Information security in STUK. Presented at STUK internal educational program for all personnel, Helsinki, Finland.

STUCK, SSM. (2013, May). Safety, security and safeguards collaboration workshop, Sweden.

Kuipers, R. (nSense) (2013, April). Fuzzing SCADA demonstrations. Demonstrated at the training course on safety and security of I & C systems of nuclear power plant, Helsinki, Finland.

Takanen, A. (Codenomicon) (2013, April). Fuzzing and Unknown Vulnerability Discovery in SCADA/ICS.Presented at the training course on safety and security of I & C systems of nuclear power plant, Helsinki, Finland.

Wiander, T. (STUK)(2013, April). NPP Computer Based Systems DBT & DBV, introduction to NPP cyber security issues, requirements, from plant level to systems level testing. Presented at the training course on safety and security of I & C systems of nuclear power plant, Helsinki, Finland.

STUK (2013, April). NPP Computer Based Systems DBT & DBV, introduction to NPP cyber security issues, requirements, from plant level to systems level testing. Presented at the training course on safety and security of I & C systems of nuclear power plant, Helsinki, Finland.

STUCK, SSM. (2013, March). Safety, security and safeguards collaboration workshop, Finland.

 

White papers

Juuso, A. (2013, April). Fuzzing Best Practices for SCADA networks. Codenomicon.