Haley, C., Laney, R., Moffett, J., and Nuseibeh, B. (2008).
Security requirements engineering: A framework for
representation and analysis. IEEE Transactions on
Software Engineering, 34(1):133–153.
Haley, C. B. and Laney, R. C. Using trust assumptions in
security requirements engineering. Citeseer.
Helmi
¨
o, P. et al. (2017). Open source in industrial internet
of things: A systematic literature review.
Henzinger, T., Lee, E. A., Sangiovanni-Vincentelli, A., Sas-
try, S., Aiken, A., Auslander, D., Bajcsy, R., Hedrick,
K., Keutzer, K., Necula, G., et al. (2008). Center for
hybrid and embedded software systems.
Hu, F., Lu, Y., Vasilakos, A. V., Hao, Q., Ma, R., Patil, Y.,
Zhang, T., Lu, J., Li, X., and Xiong, N. N. (2016). Ro-
bust cyber–physical systems: Concept, models, and
implementation. Future generation computer systems,
56:449–475.
Jeschke, S., Brecher, C., Meisen, T.,
¨
Ozdemir, D., and Es-
chert, T. (2017). Industrial internet of things and cy-
ber manufacturing systems. In Industrial internet of
things, pages 3–19. Springer.
Li, T. and Horkoff, J. (2014). Dealing with security require-
ments for socio-technical systems: Holistic approach.
In Advanced Information Systems Engineering - 26th
International Conference, CAiSE 2014, Thessaloniki,
Greece, June 16-20, 2014. Proceedings, pages 285–
300.
Li, T., Horkoff, J., and Mylopoulos, J. (2014). Integrating
security patterns with security requirements analysis
using contextual goal models. In The Practice of En-
terprise Modeling - 7th IFIP WG 8.1 Working Confer-
ence, PoEM 2014, Manchester, UK, November 12-13,
2014. Proceedings, pages 208–223.
Li, T., Horkoff, J., and Mylopoulos, J. (2018). Software &
Systems Modeling, 17(4):1253–1285.
Li, T., Horkoff, J., Paja, E., Beckers, K., and Mylopoulos, J.
(2015). Analyzing attack strategies through anti-goal
refinement. In IFIP Working Conference on The Prac-
tice of Enterprise Modeling, pages 75–90. Springer.
Moore, A. P., Ellison, R. J., and Linger, R. C. (2001).
Attack modeling for information security and sur-
vivability. Technical report, CARNEGIE-MELLON
UNIV PITTSBURGH PA SOFTWARE ENGINEER-
ING INST.
Morais, A., Hwang, I., Cavalli, A., and Martins, E. (2013).
Generating attack scenarios for the system security
validation. Networking science, 2(3-4):69–80.
Mouratidis, H., Weiss, M., and Giorgini, P. (2006). Mod-
eling secure systems using an agent-oriented ap-
proach and security patterns. International Journal
of Software Engineering and Knowledge Engineering,
16(03):471–498.
M
¨
uller, H., Litoiu, M., and Mylopoulos, J. (2016). Engi-
neering cybersecurity in cyber physical systems. In
Proceedings of the 26th Annual International Confer-
ence on Computer Science and Software Engineering,
pages 316–320. IBM Corp.
Phillips, C. and Swiler, L. P. (1998). A graph-based system
for network-vulnerability analysis. In Proceedings of
the 1998 workshop on New security paradigms, pages
71–79. ACM.
Poovendran, R. (2010). Cyber–physical systems: Close en-
counters between two parallel worlds [point of view].
Proceedings of the IEEE, 98(8):1363–1366.
Poulsen, K. (2003). Slammer worm crashed ohio nuke plant
network. http://www. securityfocus. com/news/6767.
Shafi, Q. (2012). Cyber physical systems security: A brief
survey. In 2012 12th International Conference on
Computational Science and Its Applications, pages
146–150. IEEE.
Shostack, A. (2014). Threat modeling: Designing for secu-
rity. John Wiley & Sons.
Silva Souza, V. E., Lapouchnian, A., Robinson, W. N., and
Mylopoulos, J. (2011). Awareness requirements for
adaptive systems. In Proceedings of the 6th interna-
tional symposium on Software engineering for adap-
tive and self-managing systems, pages 60–69. ACM.
Souza, S. and Mylopoulos, J. (2012). Requirements-based
software system adaptation.
Turk, R. J. (2005). Cyber incidents involving control sys-
tems. Technical report, Idaho National Lab.(INL),
Idaho Falls, ID (United States).
T
¨
urpe, S. (2017). The trouble with security requirements.
In Requirements Engineering Conference (RE), 2017
IEEE 25th International, pages 122–133. IEEE.
Van Lamsweerde, A. (2001). Goal-oriented requirements
engineering: A guided tour. In Requirements Engi-
neering, 2001. Proceedings. Fifth IEEE International
Symposium on, pages 249–262. IEEE.
Van Lamsweerde, A. (2004). Elaborating security require-
ments by construction of intentional anti-models. In
Proceedings of the 26th International Conference on
Software Engineering, pages 148–157. IEEE Com-
puter Society.
Van Lamsweerde, A. (2009). Requirements engineering:
From system goals to UML models to software, vol-
ume 10.
Wang, E. K., Ye, Y., Xu, X., Yiu, S.-M., Hui, L. C. K.,
and Chow, K.-P. (2010). Security issues and chal-
lenges for cyber physical system. In Proceedings of
the 2010 IEEE/ACM Int’l Conference on Green Com-
puting and Communications & Int’l Conference on
Cyber, Physical and Social Computing, pages 733–
738. IEEE Computer Society.
ICISSP 2023 - 9th International Conference on Information Systems Security and Privacy
732