Ketil Stølen

Ragnhild Kobro Runde, Atle Refsdal, Ketil Stølen: Relating computer systems to sequence diagrams: the impact of underspecification and inherent nondeterminism. Formal Asp. Comput. 25(2): 159-187 (2013)

Le Minh Sang Tran, Bjørnar Solhaug, Ketil Stølen: An Approach to Select Cost-Effective Risk Countermeasures Exemplified in CORAS. CoRR abs/1302.4689 (2013)

Aida Omerovic, Bjørnar Solhaug, Ketil Stølen: Assessing practical usefulness and performance of the PREDIQT method: An industrial case study. Information & Software Technology 54(12): 1377-1395 (2012)

André Alexandersen Hauge, Ketil Stølen: A Pattern-Based Method for Safe Control Systems Exemplified within Nuclear Power Production. SAFECOMP 2012: 13-24

Mass Soldal Lund, Bjørnar Solhaug, Ketil Stølen: Model-Driven Risk Analysis - The CORAS Approach. Springer 2011, isbn 978-3-642-12322-1, pp. I-XVI, 1-460

Bjørnar Solhaug, Ketil Stølen: Preservation of Policy Adherence under Refinement. Int. J. Software and Informatics 5(1-2): 139-157 (2011)

Gyrd Brændeland, Atle Refsdal, Ketil Stølen: A Denotational Model for Component-Based Risk Analysis. FACS 2011: 12-41

Mass Soldal Lund, Bjørnar Solhaug, Ketil Stølen: Risk Analysis of Changing and Evolving Systems Using CORAS. FOSAD 2011: 231-274

André Alexandersen Hauge, Ketil Stølen: Towards Patterns for Handling Safety Critical Adaptive Control Software. ICINCO (1) 2011: 211-214

Fredrik Seehusen, Ketil Stølen: An Evaluation of the Graphical Modeling Framework (GMF) Based on the Development of the CORAS Tool. ICMT 2011: 152-166

Olav S. Ligaarden, Mass Soldal Lund, Atle Refsdal, Fredrik Seehusen, Ketil Stølen: An architectural pattern for enterprise level monitoring tools. MESOCA 2011: 1-10

Erik G. Nilsson, Ketil Stølen: Generic functionality in user interfaces for emergency response. OZCHI 2011: 233-242

Aida Omerovic, Bjørnar Solhaug, Ketil Stølen: Evaluation of Experiences from Applying the PREDIQT Method in an Industrial Case Study. SSIRI 2011: 137-146

Bjørnar Solhaug, Ketil Stølen: Uncertainty, Subjectivity, Trust and Risk: How It All Fits together. STM 2011: 1-5

Mass Soldal Lund, Bjørnar Solhaug, Ketil Stølen: Evolution in Relation to Risk and Trust Management. IEEE Computer 43(5): 49-55 (2010)

Tormod V. Håvaldsrud, Olav S. Ligaarden, Per Myrseth, Atle Refsdal, Ketil Stølen, Jon Ølnes: Experiences from using a UML-based method for trust analysis in an industrial project on electronic procurement. Electronic Commerce Research 10(3-4): 441-467 (2010)

Gyrd Brændeland, Atle Refsdal, Ketil Stølen: Modular analysis and modelling of risk scenarios with dependencies. Journal of Systems and Software 83(10): 1995-2013 (2010)

Erik G. Nilsson, Ketil Stølen: Ad Hoc Networks and Mobile Devices in Emergency Response - A Perfect Match? - (Invited Paper). ADHOCNETS 2010: 17-33

Aida Omerovic, Anette Andresen, Håvard Grindheim, Per Myrseth, Atle Refsdal, Ketil Stølen, Jon Ølnes: Idea: A Feasibility Study in Model Based Prediction of Impact of Changes on System Quality. ESSoS 2010: 231-240

Fredrik Seehusen, Ketil Stølen: Information flow security, abstraction and composition. IET Information Security 3(1): 9-33 (2009)

Fredrik Seehusen, Bjørnar Solhaug, Ketil Stølen: Adherence preserving refinement of trace-set properties in STAIRS: exemplified for information flow properties and policies. Software and System Modeling 8(1): 45-65 (2009)

Atle Refsdal, Ketil Stølen: Employing Key Indicators to Provide a Dynamic Risk Picture with a Notion of Confidence. IFIPTM 2009: 215-233

Aida Omerovic, Ketil Stølen: Simplifying Parametrization of Bayesian Networks in Prediction of System Quality. SSIRI 2009: 447-448

Atle Refsdal, Ketil Stølen: Extending UML Sequence Diagrams to Model Trust-dependent Behavior With the Aim to Support Risk Analysis. Electr. Notes Theor. Comput. Sci. 197(2): 15-29 (2008)

Atle Refsdal, Ketil Stølen: Extending UML sequence diagrams to model trust-dependent behavior with the aim to support risk analysis. Sci. Comput. Program. 74(1-2): 34-42 (2008)

Bjørnar Solhaug, Ketil Stølen: Compositional Refinement of Policies in UML - Exemplified for Access Control. ESORICS 2008: 300-316

Fredrik Seehusen, Ketil Stølen: A Transformational Approach to Facilitate Monitoring of High-Level Policies. POLICY 2008: 70-73

Andy Ozment, Ketil Stølen (Eds.): Proceedings of the 4th ACM Workshop on Quality of Protection, QoP 2008, Alexandria, VA, USA, October 27, 2008. ACM 2008, isbn 978-1-60558-321-1

Gyrd Brændeland, Heidi E. I. Dahl, Iselin Engan, Ketil Stølen: Using Dependent CORAS Diagrams to Analyse Mutual Dependency. CRITIS 2007: 135-148

Mass Soldal Lund, Atle Refsdal, Ketil Stølen: Semantics of UML Models for Dynamic Behavior - A Survey of Different Approaches. Model-Based Engineering of Embedded Real-Time Systems 2007: 77-103

Bjørnar Solhaug, Dag Elgesem, Ketil Stølen: Specifying Policies Using UML Sequence Diagrams - An Evaluation Based on a Case Study. POLICY 2007: 19-28

Günter Karjoth, Ketil Stølen (Eds.): Proceedings of the 3th ACM Workshop on Quality of Protection, QoP 2007, Alexandria, VA, USA, October 29, 2007. ACM 2007, isbn 978-1-59593-885-5

Gyrd Brændeland, Ketil Stølen: Using model-based security analysis in component-oriented system development. QoP 2006: 11-18

Mass Soldal Lund, Ketil Stølen: A Fully General Operational Semantics for UML 2.0 Sequence Diagrams with Potential and Mandatory Choice. FM 2006: 380-395

Atle Refsdal, Ragnhild Kobro Runde, Ketil Stølen: Underspecification, Inherent Nondeterminism and Probability in Sequence Diagrams. FMOODS 2006: 138-155

Mass Soldal Lund, Ketil Stølen: Deriving Tests from UML 2.0 Sequence Diagrams with neg and assert. AST 2006: 22-28

Gyrd Brændeland, Ketil Stølen: A Semantic Paradigm for Component-Based Specification Integrating a Notion of Security Risk. Formal Aspects in Security and Trust 2006: 31-46

Fredrik Seehusen, Ketil Stølen: Maintaining Information Flow Security Under Refinement and Transformation. Formal Aspects in Security and Trust 2006: 143-157

Ida Hogganvik, Ketil Stølen: A Graphical Approach to Risk Identification, Motivated by Empirical Investigations. MoDELS 2006: 574-588

Fredrik Seehusen, Ketil Stølen: Information flow property preserving transformation of UML interaction diagrams. SACMAT 2006: 150-159

Ketil Stølen, William H. Winsborough, Fabio Martinelli, Fabio Massacci (Eds.): Trust Management, 4th International Conference, iTrust 2006, Pisa, Italy, May 16-19, 2006, Proceedings. Lecture Notes in Computer Science 3986, Springer 2006, isbn 3-540-34295-8

Folker den Braber, Arne Bjørn Mildal, Jone Nes, Ketil Stølen, Fredrik Vraalsen: Experiences from Using the CORAS Methodology to Analyze a Web Application. J. Cases on Inf. Techn. 7(3): 110-130 (2005)

Ragnhild Kobro Runde, Øystein Haugen, Ketil Stølen: Refining UML Interactions with Underspecification and Nondeterminism. Nord. J. Comput. 12(2): 157-188 (2005)

Øystein Haugen, Knut Eilif Husa, Ragnhild Kobro Runde, Ketil Stølen: STAIRS towards formal design with sequence diagrams. Software and System Modeling 4(4): 355-367 (2005)

Ragnhild Kobro Runde, Øystein Haugen, Ketil Stølen: The Pragmatics of STAIRS. FMCO 2005: 88-114

Atle Refsdal, Knut Eilif Husa, Ketil Stølen: Specification and Refinement of Soft Real-Time Requirements Using Sequence Diagrams. FORMATS 2005: 32-48

Fredrik Seehusen, Ketil Stølen: Graphical Specification of Dynamic Network Structure. ICEIS (3) 2005: 203-210

Ida Hogganvik, Ketil Stølen: Risk analysis terminology for IT-systems: does it match intuition? ISESE 2005: 13-22

Fredrik Vraalsen, Mass Soldal Lund, Tobias Mahler, Xavier Parent, Ketil Stølen: Specifying Legal Risk Scenarios Using the CORAS Threat Modelling Language. iTrust 2005: 45-60

Fredrik Vraalsen, Folker den Braber, Mass Soldal Lund, Ketil Stølen: The CORAS Tool for Security Risk Analysis. iTrust 2005: 402-405

Ida Hogganvik, Ketil Stølen: On the Comprehension of Security Risk Scenarios. IWPC 2005: 115-124

Folker den Braber, Mass Soldal Lund, Ketil Stølen, Fredrik Vraalsen: Integrating Security in the Development Process with UML. Encyclopedia of Information Science and Technology (III) 2005: 1560-1566

Gyrd Brændeland, Ketil Stølen: Using Risk Analysis to Assess User Trust: A Net-Bank Scenario. iTrust 2004: 146-160

Mass Soldal Lund, Folker den Braber, Ketil Stølen: Maintaining Results from Security Assessment. CSMR 2003: 341-350

Øystein Haugen, Knut Eilif Husa, Ragnhild Kobro Runde, Ketil Stølen: Why Timed Sequence Diagrams Require Three-Event Semantics. Scenarios: Models, Transformations and Tools 2003: 1-25

Øystein Haugen, Ketil Stølen: STAIRS - Steps to Analyze Interactions with Refinement Semantics. UML 2003: 388-402

Dimitris Raptis, Theodosis Dimitrakos, Bjørn Axel Gran, Ketil Stølen: The coras approach for model-based risk management applied to e-commerce domain. Communications and Multimedia Security 2002: 169-181

Jan Øyvind Aagedal, Folker den Braber, Theodosis Dimitrakos, Bjørn Axel Gran, Dimitris Raptis, Ketil Stølen: Model-Based Risk Assessment to Improve Enterprise Security. EDOC 2002: 51-

Theodosis Dimitrakos, Dimitris Raptis, Brian Ritchie, Ketil Stølen: Model Based Security Risk Analysis for Web Applications. EuroWeb 2002

Theodosis Dimitrakos, Brian Ritchie, Dimitris Raptis, Jan Øyvind Aagedal, Folker den Braber, Ketil Stølen, Siv Hilde Houmb: Integrating Model-based Security Risk Management into eBusiness Systems Development: The CORAS Approach. I3E 2002: 159-175

Rune Fredriksen, Monica Kristiansen, Bjørn Axel Gran, Ketil Stølen, Tom Arthur Opperud, Theodosis Dimitrakos: The CORAS Framework for a Model-Based Risk Management Process. SAFECOMP 2002: 94-105

Radu Grosu, Ketil Stølen: Stream-Based Specification of Mobile Systems. Formal Asp. Comput. 13(1): 1-31 (2001)

Ketil Stølen, P. Mohn: Experience from Using MSC, UML and SDL in the Development of the FAME Communication Manager. SAM 2000: 276-

Ketil Stølen: Specification of Dynamic Reconfiguration in the Context of Input/Output Relations. FMOODS 1999

Ketil Stølen, Max Fuchs: An Exercise in Conditional Refinement. Prospects for Hardware Foundations 1998: 390-420

Ketil Stølen, Frank Dederichs, Rainer Weber: Specification and Refinement of Networks of Asynchronously Communicating Agents Using the Assumption/Commitment Paradigm. Formal Asp. Comput. 8(2): 127-161 (1996)

Ketil Stølen: Refinement Principles Supporting the Transition from Asynchronous to Synchronous Communication. Sci. Comput. Program. 26(1-3): 255-272 (1996)

Radu Grosu, Ketil Stølen: A Model for Mobile Point-to-Point Data-flow Networks without Channel Sharing. AMAST 1996: 504-519

Ketil Stølen: Assumption/Commitment Rules for Dataflow Networks - With an Emphasis on Completeness. ESOP 1996: 356-372

Ketil Stølen: A Refinement Relation Supporting the Transition from Unbounded to Bounded Communication Buffers. MPC 1995: 423-451

Ketil Stølen: Using Relations to Solve the RPC-Memory Specification Problem. Formal Systems Specification 1994: 477-520

Eckhardt Holz, Ketil Stølen: An attempt to embed a restricted version of SDL as a target language in Focus. FORTE 1994: 324-339

Manfred Broy, Ketil Stølen: Specification and Refinement of Finite Dataflow Networks - a Relational Approach. FTRTFT 1994: 247-267

Ketil Stølen: Shared-state design modulo weak and strong process fairness. FORTE 1992: 479-498

Ketil Stølen: A Method for the Development of Totally Correct Shared-State Parallel Programs. CONCUR 1991: 510-525

Ketil Stølen: An Attempt to Reason about Shared-State Concurrency in the Style of VDM. VDM Europe (1) 1991: 324-342