J27) Evangelos Ntentos, Nicole Lueger, Georg Simhandl, Uwe Zdun, Simon Schneider, Riccardo Scandariato, Nicolas Diaz-Ferreyra, On the Understandability of Design-Level Security Practices in Infrastructure-as-Code Scripts and Deployment Architectures, ACM Transactions on Software Engineering and Methodology, To appear
J26) Mazen Mohamadad, Jan-Philipp Steghöfer, Eric Knauss, Riccardo Scandariato, Managing Security Evidence in Safety-Critical Organizations, Journal of Systems and Software, Elsevier, Volume 214, 2024
J25) Nicolas E. Diaz Ferreyra, Melina Vidoni, Maritta Heisel, Riccardo Scandariato, Cybersecurity Discussions in Stack Overflow: A Developer-Centred Analysis of Engagement and Self-Disclosure Behaviour, Social Network Analysis and Mining, 14(16), 2024
J24) Quang-Cuong Bui, Ranindya Paramitha, Duc-Ly Vu, Fabio Massacci, Riccardo Scandariato, APR4Vul: An empirical study of automatic program repair techniques on real-world Java vulnerabilities, Empirical Software Engineering, 29(18), 2024 (also presented as Journal First at the International Conference on Software Engineering, ICSE 2024)
J23) Uwe Zdun, Pierre-Jean Queval, Georg Simhandl, Riccardo Scandariato, Somik Chakravarty, Marjan Jelic, Aleksandar Jovanovic, Detection Strategies for Microservice Security Tactics, IEEE Transactions on Dependable and Secure Computing, 21(3), 2024
J22) Simon Schneider, Riccardo Scandariato, Automatic Extraction of Security-Rich Dataflow Diagrams for Microservice Applications written in Java, Journal of Systems and Software, Volume 202, 2023 (also presented as Journal First at the International Conference on Automated Software Engineering, ASE 2023)
J21) Mazen Mohamad, Rodi Jolak, Örjan Askerdal, Jan-Philipp Steghöfer, Riccardo Scandariato, CASCADE: An Asset-driven Approach to Build Security Assurance Cases for Automotive Systems, ACM Transactions on Cyber-Physical Systems, 7(1), 2023
J20) Uwe Zdun, Pierre-Jean Queval, Georg Simhandl, Riccardo Scandariato, Somik Chakravarty, Marjan Jelic, Aleksandar Jovanovic, Microservice Security Metrics for Secure Communication, Identity Management, and Observability, ACM Transactions on Software Engineering and Methodology, 32(1), 2023
J19) Katja Tuma, Sven Peldszus, Daniel Strüber, Riccardo Scandariato, Jan Jürjens, Checking Security Compliance between Models and Code, Software and Systems Modeling, Volume 22, Springer, 2022
J18) Rodi Jolak, Thomas Rosenstatter, Mazen Mohamad, Kim Strandberg, Behrooz Sangchoolie, Nasser Nowdehi, Riccardo Scandariato, CONSERVE: A Framework for the Selection of Techniques for Monitoring Containers Security, Journal of Systems and Software, Elsevier, Volume 186, April 2022 (also presented as Journal First at the International Conference on Software Architecture, ICSA 2023)
J17) Katja Tuma, Christian Sandberg, Urban Thorsson, Mathias Widman, Thomas Herpel, Riccardo Scandariato, Finding Security Threats That Matter: Two Industrial Case Studies, Journal of Systems and Software, Elsevier, Volume 179, September 2021
J16) Mazen Mohamad, Jan-Philipp Steghöfer, Riccardo Scandariato, Security Assurance Cases – State of the Art of an Emerging Approach, Empirical Software Engineering, 26(70), May 2021
J15) Katja Tuma, Gul Calikli, Riccardo Scandariato, Threat analysis of software systems: A systematic literature review, Journal of Systems and Software, Elsevier, Volume 144, Pages 275-294, 2018
J14) Jeffrey Stuckman, James Walden, Riccardo Scandariato, The Effect of Dimensionality Reduction on Software Vulnerability Prediction Models, IEEE Transactions on Reliability, Volume 66, Issue 1, Pages 17-37, 2017
J13) Alexander van den Berghe, Riccardo Scandariato, Koen Yskout, Wouter Joosen, Design Notations for Secure Software: A Systematic Literature Review, Software and Systems Modeling, Springer, Volume 16, Issue 3, Pages 809–831, 2017
J12) Riccardo Scandariato, Kim Wuyts, Wouter Joosen, A descriptive study of Microsoft's threat modeling technique, Requirements Engineering, Springer, Volume 20, Issue 2, Pages 163-180, 2015
J11) Riccardo Scandariato, James Walden, Aram Hovsepyan, Wouter Joosen, Predicting Vulnerable Software Components via Text Mining, IEEE Transactions on Software Engineering, Volume 40, Issue 10, Pages 993-1006, October 2014
J10) Kim Wuyts, Riccardo Scandariato, Wouter Joosen, Empirical Evaluation of a Privacy-Focused Threat Modeling Methodology, Journal of Systems and Software, Elsevier, Volume 96, Pages 122-138, October 2014
J9) Aram Hovsepyan, Riccardo Scandariato, Maximilian Steff, Wouter Joosen, Design Churn as Predictor of Vulnerabilities?, International Journal of Secure Software Engineering, IGI Global, Volume 5, Issue 3, 2014
J8) Michael Felderer, Basel Katt, Philipp Kalb, Jan Jürjens, Martin Ochoa, Federica Paci, Le Minh Sang Tran, Thein Than Tun, Koen Yskout, Riccardo Scandariato, Frank Piessens, Dries Vanoverberghe, Elizabeta Fourneret, Matthias Gander, Bjornar Solhaug, Ruth Breu, Evolution of Security Engineering Artifacts: A State of the Art Survey, International Journal of Secure Software Engineering, IGI Global, Volume 5, Issue 4, 2014
J7) Koen Yskout, Riccardo Scandariato, Wouter Joosen, Change Patterns: Co-evolving Requirements and Architecture, Software and Systems Modeling, Springer, Elsevier, Volume 13, Issue 2, May 2014
J6) Koen Buyens, Riccardo Scandariato, Wouter Joosen, Least privilege analysis in software architectures, Software and Systems Modeling, Springer, Volume 12, Issue 2, May 2013
J5) Kim Wuyts, Griet Verhenneman, Riccardo Scandariato, Wouter Joosen, Jos Dumortier, What Electronic Health Records don't know just yet. A Privacy Analysis for Patient Communities and Health Records Interaction, Health and Technology, Springer, Volume 2, Issue 3, Pages 159-183, September 2012
J4) Bernard Spitz, Riccardo Scandariato, Wouter Joosen, Extraction of an architecture model for least privilege analysis, International Journal of Secure Software Engineering, IGI Global, Volume 3, Issue 4, October-December 2012
J3) Kim Wuyts, Riccardo Scandariato, Griet Verhenneman, Wouter Joosen, Integrating Patient Consent in e-Health Access Control, International Journal of Secure Software Engineering, IGI Global, Volume 2, Issue 2, Pages 1-24, April-June 2011
J2) Mina Deng, Kim Wuyts, Riccardo Scandariato, Bart Preneel, Wouter Joosen, A privacy threat analysis framework: Supporting the elicitation and fulfillment of privacy requirements, Requirements Engineering, Springer, Volume 16, Issue 1, Pages 3-32, Special Issue on Digital Privacy, March 2011
J1) Bart De Win, Riccardo Scandariato, Koen Buyens, Johan Gregoire, Wouter Joosen, On the secure software development process: CLASP, SDL and Touchpoints compared, Information and Software Technology, Elsevier, Volume 51, Issue 7, Pages 1152-1171, Special Issue on Software Engineering for Secure Systems, July 2009
B2) Koen Yskout, Kim Wuyts, Dimitri Van Landuyt, Riccardo Scandariato, Wouter Joosen, Empirical research on security and privacy by design: What (not) to expect as a researcher or a reviewer, in Empirical Research for Software Security: Foundations and Experience, Lotfi ben Othmane, Martin Gilje Jaatun, Edgar Weippl (Eds.), CRC Press, ISBN 9781498776417, 2017
B1) Riccardo Scandariato, Federica Paci, Le Minh Sang Tran, Katsiaryna Labunets, Koen Yskout, Fabio Massacci, Wouter Joosen, Empirical Assessment of Security Requirements and Architecture: Lessons Learned, in Engineering Secure Future Internet Services and Systems, Maritta Heisel, Wouter Joosen, Javier Lopez, Fabio Martinelli (Eds.), Springer, ISBN 9783319074528, 2014
C94) Simon Schneider, Ananya Saha, Emanuele Mezzi, Katja Tuma, Riccardo Scandariato, Designing Secure AI-based Systems: a Multi-Vocal Literature, IEEE Secure Development Conference (SecDev), 2024
C93) Simon Schneider, Alexander Bakhtin, Xiaozhou Li, Jacopo Soldani, Antonio Brogi, Tomas Cerny, Riccardo Scandariato, Davide Taibi, Comparison of Static Analysis Architecture Recovery Tools for Microservice Applications, International Conference on Mining Software Repositories - Registered Reports Track (MSR), 2024
C92) Nicolas E. Diaz Ferreyra, Mojtaba Shahin, Mansooreh Zahedi, Sodiq Quadri, Riccardo Scandariato, What Can Self-Admitted Technical Debt Tell Us About Security? A Mixed-Methods Study, International Conference on Mining Software Repositories (MSR), 2024
C91) Clinton Cao, Simon Schneider, Nicolas E. Diaz Ferreyra, Sicco Verwer, Annibale Panichella, Riccardo Scandariato, CATMA: Conformance Analysis Tool For Microservice Applications, International Conference on Software Engineering - Demonstrations Track (ICSE Demo), 2024
C90) Simon Schneider, Nicolas E. Diaz Ferreyra, Pierre-Jean Queval, Georg Simhandl, Uwe Zdun and Riccardo Scandariato, How Dataflow Diagrams Impact Software Security Analysis: an Empirical Experiment, International Conference on Software Analysis, Evolution and Reengineering (SANER), 2024
C89) Quang-Cuong Bui, Malte Laukötter and Riccardo Scandariato, DockerCleaner: Automatic Repair of Security Smells in Dockerfiles, International Conference on Software Maintenance and Evolution (ICSME), 2023
C88) Simon Schneider, Tufan Özen, Michael Chen, Riccardo Scandariato, microSecEnD: A Dataset of Security-Enriched Dataflow Diagrams for Microservice Applications, International Conference on Mining Software Repositories - Data and Tool Showcase (MSR), 2023
C87) Catherine Tony, Markus Mutas, Nicolas E. Diaz Ferreyra, Riccardo Scandariato, LLMSecEval: A Dataset of Natural Language Prompts for Security Evaluations, International Conference on Mining Software Repositories - Data and Tool Showcase (MSR), 2023
C86) Nicolas E. Diaz Ferreyra, Abdessamad Imine, Melina Vidoni, Riccardo Scandariato, Developers Need Protection, Too: Perspectives and Research Challenges for Privacy in Social Coding Platforms, International Conference on Cooperative and Human Aspects of Software Engineering (CHASE), 2023
C85) Nicolas E. Diaz Ferreyra, Gautam Kishore Shahi, Catherine Tony, Stefan Stieglitz, Riccardo Scandariato, Regret, Delete, (Do Not) Repeat: An Analysis of Self-Cleaning Practices on Twitter After the Outbreak of the COVID-19 Pandemic, ACM CHI Conference on Human Factors in Computing Systems (CHI), 2023
C84) Catherine Tony, Nicolas E. Diaz Ferreyra, Riccardo Scandariato, GitHub Considered Harmful? Analyzing Open-Source Projects for the Automatic Generation of Cryptography API Call Sequences, International Conference on Software Quality, Reliability, and Security (QRS), 2022
C83) Mazen Mohamad, Jan-Philipp Steghöfer, Alexander Åström, Riccardo Scandariato, Identifying security-related requirements in regulatory documents based on cross-project classification, International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE), 2022
C82) Anusha Bambhore Tukaram, Simon Schneider, Nicolas E. Diaz Ferreyra, Georg Simhandl, Uwe Zdun, Riccardo Scandariato, Towards a Security Benchmark for the Architectural Design of Microservice Applications, International Workshop on Continuous Software Evaluation and Certification (IWCSEC), 2022
C81) Rodi Jolak, Thomas Rosenstatter, Saif Aldaghistani, Riccardo Scandariato, RIPOSTE: A Collaborative Cyber Attack Response Framework for Automotive Systems, Euromicro Conference Series on Software Engineering and Advanced Applications (SEAA), 2022
C80) Eduard Pinconschi, Quang-Cuong Bui, Rui Abreu, Pedro Adão, Riccardo Scandariato, Maestro: A Platform for Benchmarking Automatic Program Repair Tools on Software Vulnerabilities, International Symposium on Software Testing and Analysis - Tool Demonstration Track (ISSTA), 2022
C79) Kamakshi Srikumar, Komal Kashish, Kolja Eggers, Nicolas E. Diaz Ferreyra, Julian Koch, Thorsten Schüppstuhl, Riccardo Scandariato, STRIPED: A Threat Analysis Method for IoT Systems, International Workshop on Security and Forensics of IoT (IoT-SECFOR), 2022
C78) Priyanka Billawa, Anusha Bambhore Tukaram, Nicolas Diaz Ferreyra, Jan-Philipp Steghöfer, Riccardo Scandariato, Georg Simhandl, SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices, International Conference on Availability, Reliability and Security (ARES), 2022
C77) Hanaa Alshareef, Katja Tuma, Sandro Stucki, Gerardo Schneider, Riccardo Scandariato, Precise Analysis of Purpose Limitation in Data Flow Diagrams, International Conference on Availability, Reliability and Security (ARES), 2022
C76) Catherine Tony, Mohana Balasubramanian, Nicolas E. Diaz Ferreyra, Riccardo Scandariato, Conversational DevBots for Secure Programming: An Empirical Study on SKF Chatbot, International Conference on Evaluation and Assessment in Software Engineering (EASE), 2022
C75) Quang-Cuong Bui, Riccardo Scandariato, Nicolas Diaz Ferreyra, Vul4J: A Dataset of Reproducible Java Vulnerabilities Geared Towards the Study of Program Repair Techniques, International Conference on Mining Software Repositories (MSR), 2022
[Best Data and Tool Showcase Paper Award]
C74) Mazen Mohamad, Örjan Askerdal, Rodi Jolak, Jan-Philipp Steghöfer, Riccardo Scandariato, Asset-driven Security Assurance Cases with Built-in Quality Assurance, International Workshop on Engineering and Cybersecurity of Critical Systems (ENCYCRIS), 2021
C73) Ivan Pashchenko, Riccardo Scandariato, Antonino Sabetta, Fabio Massacci, Secure Software Development in the Era of Fluid Multi-party Open Software and Services, International Conference on Software Engineering - New Ideas and Emerging Results Track (ICSE NIER), 2021
C72) Katja Tuma, Laurens Sion, Riccardo Scandariato, Koen Yskout, Automating the Early Detection of Security Design Flaws, International Conference on Model Driven Engineering Languages and Systems (MODELS), 2020
C71) Thomas Rosenstatter, Kim Strandberg, Rodi Jolak, Riccardo Scandariato, Tomas Olovsson, REMIND: A Framework for the Resilient Design of Automotive Systems, IEEE Secure Development Conference (SecDev), 2020
C70) Mazen Mohamad, Alexander Åström, Örjan Askerdal, Jörgen Borg, Riccardo Scandariato, Security Assurance Cases for Road Vehicles: an Industry Perspective, International Conference on Availability, Reliability and Security (ARES), 2020
C69) Shamal Faily, Riccardo Scandariato, Adam Shostack, Laurens Sion, Duncan Ki-Aries, Contextualisation of Data Flow Diagrams for security analysis, International Workshop on Graphical Models for Security (GraMSec), 2020
C68) Stefan Carl Peiser, Ludwig Friborg, Riccardo Scandariato, JavaScript malware detection using locality sensitive hashing, International Conference on ICT Systems Security and Privacy Protection (IFIP SEC), 2020
C67) Marvin Wyrich, Regina Hebig, Stefan Wagner, Riccardo Scandariato, Perception and Acceptance of an Autonomous Refactoring Bot, International Conference on Agents and Artificial Intelligence (ICAART), 2020
C66) Laurens Sion, Katja Tuma, Riccardo Scandariato, Koen Yskout, Wouter Joosen, Towards Automated Security Design Flaw Detection, International Workshop on Software Security from Design to Deployment (SEAD), 2019
C65) Katja Tuma, Daniel Hosseini, Kyriakos Malamas, Riccardo Scandariato, Inspection Guidelines to Identify Security Design Flaws, International Workshop on Designing and Measuring CyberSecurity in Software Architecture (DeMeSSA), 2019
C64) Sven Peldszus, Katja Tuma, Daniel Strüber, Jan Jürjens, Riccardo Scandariato, Secure Data-Flow Compliance Checks between Models and Code based on Automated Mappings, International Conference on Model Driven Engineering Languages and Systems (MODELS), 2019
C63) Linda Erlenhov, Francisco Gomes de Oliveira Neto, Riccardo Scandariato, Philipp Leitner, Current and Future Bots in Software Development, First Workshop on Bots in Software Engineering, (BotSE @ICSE), 2019
C62) Katja Tuma, Musard Balliu, Riccardo Scandariato, Flaws in Flows: Unveiling Design Flaws via Information Flow Analysis, International Conference on Software Architecture (ICSA), 2019
C61) Katja Tuma, Riccardo Scandariato, Two Architectural Threat Analysis Techniques Compared, European Conference on Software Architecture (ECSA), 2018
C60) Alexander van den Berghe, Koen Yskout, Riccardo Scandariato, Wouter Joosen, A Lingua Franca for Security by Design, IEEE Secure Development Conference (SecDev), 2018
C59) Thibaud Antignac, Riccardo Scandariato, Gerardo Schneider, Privacy Compliance via Model Transformations, International Workshop on Privacy Engineering (IWPE), 2018
C58) Riccardo Scandariato, Jennifer Horkhoff, Robert Feldt, Generative Secure Design, Defined, International Conference on Software Engineering - New Ideas and Emerging Results Track (ICSE NIER), 2018
C57) Stefanie Jasser, Katja Tuma, Riccardo Scandariato, Matthias Riebisch, Back to the Drawing Board: Bringing Security Constraints in an Architecture-centric Software Development Process, International Conference on Information Systems Security and Privacy (ICISSP), 2018
[also presented as poster, which received the Best Poster award]
C56) Katja Tuma, Riccardo Scandariato, Mathias Widman, Christian Sandberg, Towards security threats that matter, Workshop On The Security Of Industrial Control Systems & Of Cyber-Physical Systems (CyberICPS), 2017
C55) Vasileios Theodorou, Ilias Gerostathopoulos, Sasan Amini, Riccardo Scandariato, Christian Prehofer, Miroslaw Staron, Theta Architecture: Preserving the Quality of Analytics in Data-Driven Systems, Workshop on Novel Techniques for Integrating Big Data (BigNovelTI), 2017
C54) Laurens Sion, Koen Yskout, Riccardo Scandariato, Wouter Joosen, A modular meta-model for security solutions, Modularity in Modelling Workshop (MOMO), Brussels, Belgium, April 2017
C53) Alexander van den Berghe, Koen Yskout, Riccardo Scandariato, Wouter Joosen, A Model for Provably Secure Software Design, Workshop on Formal Models in Software Engineering (FormaliSE), Buenos Aires, Argentina, May 2017
C52) Bashar Nassar, Riccardo Scandariato, Traceability Metrics as Early Predictors of Software Defects?, IEEE International Conference on Software Architecture (ICSA), Gothenburg, Sweden, April 2017
C51) Thibaud Antignac, Riccardo Scandariato, Gerardo Schneider, A Privacy-Aware Conceptual Model for Handling Personal Data, International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISoLA), Corfu, Greece, October 2016
C50) Mariano Ceccato, Riccardo Scandariato, Static Analysis and Penetration Testing from the Perspective of Maintenance Teams, International Symposium on Empirical Software Engineering and Measurement (ESEM), Ciudad Real, Spain, September 2016
C49) Aram Hovsepyan, Riccardo Scandariato, Wouter Joosen, Is Newer Always Better? The Case of Vulnerability Prediction Models, International Symposium on Empirical Software Engineering and Measurement (ESEM), Ciudad Real, Spain, September 2016
C48) Miroslaw Staron, Riccardo Scandariato, Data veracity in intelligent transportation systems: the slippery road warning scenario, IEEE Intelligent Vehicles Symposium, Gothenburg, Sweden, June 2016
C47) Bashar Nassar, Ali Shahrokni, Riccardo Scandariato, Traceability Data in Early Development Phases as an Enabler for Decision Support, International Workshop on Emerging Trends in DevOps and Infrastructure, Edinburgh, UK, May 2016
C46) Rakesh Rana, Miroslaw Staron, Christian Berger, Agneta Nilsson, Riccardo Scandariato, Alexandra Weilenmann, Martin Rydmark, On the role of cross-disciplinary research and SSE in addressing the challenges of the digitalization of society, IEEE International Conference on Software Engineering and Service Science (ICSESS), Beijing, China, September 2015
C45) Phu Nguyen, Koen Yskout, Thomas Heyman, Jacques Klein, Riccardo Scandariato, Yves Le Traon, SoSPa: A system of Security design Patterns for systematically engineering secure systems, International Conference on Model Driven Engineering Languages and Systems (MODELS), Ottawa, Canada, September 2015
C44) Laurens Sion, Koen Yskout, Alexander van den Berghe, Riccardo Scandariato, Wouter Joosen, MASC: Modelling Architectural Security Concerns, International Workshop on Modeling in Software Engineering (MiSE), Florence, Italy, May 2015
C43) Koen Yskout, Riccardo Scandariato, Wouter Joosen, Do Security Patterns Really Help Designers? International Conference on Software Engineering (ICSE), Florence, Italy, May 2015
C42) James Walden, Jeffrey Stuckman, Riccardo Scandariato, Predicting Vulnerable Components: Software Metrics vs Text Mining, IEEE International Symposium on Software Reliability Engineering (ISSRE), Naples, Italy, November 2014
[Best Paper Award ISSRE 2014] and [Test-of-Time Award at ISSRE 2024]
C41) Riccardo Scandariato, James Walden, Wouter Joosen, Static Analysis Versus Penetration Testing: a Controlled Experiment, IEEE International Symposium on Software Reliability Engineering (ISSRE), Pasadena, CA, USA, November 2013
C40) Alexander van den Berghe, Riccardo Scandariato, Wouter Joosen, Towards a Systematic Literature Review on Secure Software Design, Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems (ESSoS-DS), Paris, France, February 2013
C39) Riccardo Scandariato, James Walden, Predicting vulnerable classes in an Android application, International Workshop on Security Measurements and Metrics (MetriSec), Lund, Sweden, September 2012
C38) Aram Hovsepyan, Riccardo Scandariato, Wouter Joosen, James Walden, Software Vulnerability Prediction using Text Analysis Techniques, International Workshop on Security Measurements and Metrics (MetriSec), Lund, Sweden, September 2012
C37) Thomas Heyman, Riccardo Scandariato, Wouter Joosen, Reusable formal models for secure software architectures, Working IEEE/IFIP Conference on Software Architecture (WICSA), Helsinki, Finland, August 2012
C36) Koen Yskout, Riccardo Scandariato, Wouter Joosen, Does Organizing Security Patterns Focus Architectural Choices?, International Conference on Software Engineering (ICSE), Zurich, Switzerland, June 2012
C35) Aram Hovsepyan, Riccardo Scandariato, Stefan Van Baelen, Wouter Joosen, Serge Demeyer, Preserving aspects via automation: a maintainability study, International Symposium on Empirical Software Engineering and Measurement (ESEM), Banff, Alberta, Canada, September 2011
C34) Aram Hovsepyan, Riccardo Scandariato, Stefan Van Baelen, Yolande Berbers, Serge Demeyer, Wouter Joosen, Maintainability Studies Investigating Aspect Preservation via Automation: Lessons Learned, International Workshop onEmpirical Evaluation of Software Composition Techniques (ESCOT), Lancaster, UK, July 2011
C33) Koen Buyens Riccardo Scandariato, Wouter Joosen, Composition of least privilege analysis results in software architectures, International Workshop on Software Engineering for Secure Systems (SESS), Honolulu, Hawaii, USA, May 2011
C32) Koen Yskout, Olivier-Nathanael Ben David, Riccardo Scandariato, Benoit Baudry, Requirements-driven runtime reconfiguration for security, International Workshop on Eternal Systems (EternalS), Budapest, Hungary, May 2011
C31) Thomas Heyman, Koen Yskout, Riccardo Scandariato, Holger Schmidt, Yijun Yu, The security twin peaks, International Symposium on Engineering Secure Software and Systems (ESSoS), Madrid, Spain, February 2011
C30) Aram Hovsepyan, Riccardo Scandariato, Stefan Van Baelen, Yolande Berbers, Serge Demeyer, Wouter Joosen, An Experimental Design for Evaluating the Maintainability of Aspect-Oriented Models Enhanced with Domain-Specific Constructs, International Workshop on Aspect-Oriented Modeling (AOM), Oslo, Norway, October 2010
C29) Riccardo Scandariato, Fabio Massacci, SecureChange: Security engineering for lifelong evolvable systems, International Symposium On Leveraging Applications of Formal Methods, Verification and Validation (ISOLA), Crete, Greece, October 2010 (invited)
C28) Riccardo Scandariato, Koen Buyens, Wouter Joosen, Automated detection of least privilege violations in software architectures, European Conference on Software Architecture (ECSA), Copenhagen, Denmark, August 2010
C27) Thomas Heyman, Riccardo Scandariato, Wouter Joosen, Security in context: Analysis and refinement of software architectures, Annual IEEE Computer Software and Applications Conference (COMPSAC), Seoul, Republic of Korea, July 2010
C26) Aram Hovsepyan, Riccardo Scandariato, Stefan Van Baelen, Yolande Berbers, Wouter Joosen, From Aspect-Oriented Models to Aspect-Oriented Code? The Maintenance Perspective, International Conference on Aspect-Oriented Software Development (AOSD), Rennes, France, March 2010
C25) Koen Buyens, Riccardo Scandariato, Wouter Joosen, Measuring the interplay of security principles in software architectures, International Workshop on Security Measurements and Metrics (MetriSec), Lake Buena Vista, Florida, USA, October 2009
C24) Kim Wuyts, Riccardo Scandariato, Bart De Decker, Wouter Joosen, Linking privacy solutions to developer goals, International Workshop on Secure Software Engineering (SecSE), Fukuoka, Japan, March 2009
C23) Thomas Heyman, Riccardo Scandariato, Wouter Joosen, Risk-driven architectural decomposition, International Conference on Availability, Reliability and Security (ARES), Fukuoka, Japan, March 2009
C22) Mina Deng, Riccardo Scandariato, Danny De Cock, Bart Preneel, Wouter Joosen, Identity in federated electronic healthcare, IFIP Wireless Days Conference, Dubai, United Arab Emirates, November 2008
C21) Koen Yskout, Riccardo Scandariato, Bart De Win, Wouter Joosen, Transforming security requirements into architecture, Symposium on Requirements Engineering for Information Security (SREIS), Barcelona, Spain, March 2008
C20) Eryk Kulikowski, Riccardo Scandariato, Wouter Joosen, Using multi-level security annotations to improve software assurance, IEEE High Assurance Systems Engineering Symposium (HASE), Nanjing, China, December 2008
C19) Riccardo Scandariato, Yoram Ofek, Paolo Falcarin, Mario Baldi, Application-oriented trust in distributed computing, International Conference on Availability, Reliability and Security (ARES), Barcelona, Spain, March 2008
C18) Thomas Heyman, Riccardo Scandariato, Christophe Huygens, Wouter Joosen, Using security patterns to combine security metrics, International Workshop on Secure Software Engineering (SecSE), Barcelona, Spain, March 2008
C17) Kim Wuyts, Riccardo Scandariato, Geert Claeys, Wouter Joosen, Hardening XDS-based architectures, International Conference on Availability, Reliability and Security (ARES), Barcelona, Spain, March 2008
C16) Artsiom Yautsiukhin, Riccardo Scandariato, Thomas Heyman, Fabio Massacci, Wouter Joosen, Towards a quantitative assessment of security in software architectures, Nordic Workshop on Secure IT Systems (NordSec), Copenhagen, Denmark, October 2008
C15) Koen Buyens, Riccardo Scandariato, Wouter Joosen, Process activities supporting security principles, IEEE International Workshop on Security in Software Engineering (IWSSE), Beijing, China, July 2007
C14) Thomas Heyman, Koen Yskout, Riccardo Scandariato, Wouter Joosen, An analysis of the security patterns landscape, IEEE Workshop on Software Engineering for Secure Systems (SESS), Minneapolis, MN, USA, May 2007
C13) Johan Gregoire, Koen Buyens, Bart De Win, Riccardo Scandariato, Wouter Joosen, On the secure software development process: CLASP and SDL compared, IEEE Workshop on Software Engineering for Secure Systems (SESS), Minneapolis, MN, USA, May 2007
C12) Steven Op de beeck, Dimitri Van Landuyt, Johan Gregoire, Riccardo Scandariato, Wouter Joosen, Andrew Jackson, Siobhan Clarke, Aspectual vs. component-based decomposition: A quantitative study, First Workshop on Aspects in Architectural Description (AARCH), Vancouver, British Columbia, Canada, March 2007
C11) Dimitri Van Landuyt, Steven Op de beeck, Johan Gregoire, Riccardo Scandariato, Wouter Joosen, Andrew Jackson, Siobhan Clarke, Comparing aspect-oriented and component based design: a quantitative study, First Workshop on Assessment of Aspect-Oriented Technologies (ASAT), Vancouver, British Columbia, Canada, March 2007
C10) Riccardo Scandariato, Bart De Win, Wouter Joosen, Towards a measuring framework for security properties of software, ACM Workshop on Quality of Protection (QoP), Alexandria, VA, USA, October 2006
C9) Paolo Falcarin, Riccardo Scandariato, Mario Baldi, Remote trust with aspect-oriented programming, IEEE International Conference on Advanced Information Networking and Applications (AINA), Vienna, Austria, April 2006
C8) Riccardo Scandariato, John C. Knight, The design and evaluation of a defense system for Internet worms, IEEE Symposium on Reliable Distributed Systems (SRDS), Florianopolis, Brazil, October 2004
C7) Riccardo Scandariato, Fulvio Risso, Advanced VPN support on FreeBSD systems, European BSD Conference (EuroBSD), Amsterdam, Netherlands, November 2002
C6) Riccardo Scandariato, Patricia Lago, Luigi Ciminiera, Policy-based control of VPNs, TINA Workshop, Petaling Jaya, Malaysia, October 2002
C5) Patricia Lago, Riccardo Scandariato, The gate to virtual communities, TINA Workshop, Petaling Jaya, Malaysia, October 2002
C4) Riccardo Scandariato, Fulvio Risso, Patricia Lago, LMAP: a protocol to automate the setup of logical networks, IEEE International Conference on Networks (ICON), Singapore, August 2002
C3) Riccardo Scandariato, Patricia Lago, An architecture for dynamic provisioning of virtual networks, ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD), Madrid, Spain, June 2002
C2) Patricia Lago, Riccardo Scandariato, Maurizio Morisio, An approach to evolution control in component-based software product lines, ACM Workshop on Software Product Line, Orlando, FL, May 2002
C1) Patricia Lago, Riccardo Scandariato, A TINA-based solution for dynamic VPN provisioning on heterogeneous networks, IEEE Telecommunications Information Networking Architecture Conference (TINA), Paris, France, September 2000
E5) Michael Felderer, Riccardo Scandariato, Exploring Security in Software Architecture and Design, IGI Global, 2019
E4) Martin Gilje Jaatun, Riccardo Scandariato, Lillian Røstad, Special Issue of the International Journal of Secure Software Engineering, Vol. 5, No. 2, April-June 2014
E3) Jan Jürjens, Ben Livshits, Riccardo Scandariato, Engineering Secure Software and Systems, Springer LNCS 7781, 2013
E2) Gilles Barthe, Ben Livshits, Riccardo Scandariato, Engineering Secure Software and Systems, Springer LNCS 7159, 2012
E1) Alessandro Moschitti, Riccardo Scandariato, Eternal Systems, Springer CCIS 255, 2011