• Secure Software Engineering
• Foundations of Security
• Code Security Analysis
• Industrial Applications
• Automated Formal Security Analysis
• Security Requirements Engineering
• Secure Software Maintenance
• Security Testing
• Security Monitoring
• Secure Embedded Systems
• Aspect-Oriented Security
• Secure Service-based Systems
• UMLsec Profile
• IT-Security Risk Assessment
• Secure Information Systems
• Model-based Security Engineering (Misc.)
• Program Comprehension
• Code Analysis
• Dependable Systems
• UML Model Analysis

Secure Software Engineering

General

• J. Jürjens and B. Nuseibeh, Software Engineering for Secure Systems (slides (TODO)), 33rd International Conference on Software Engineering (ICSE 2011), Technical Briefing. ACM 2011.

Foundations of Security

• M. Abadi and J. Jürjens, Formal Eavesdropping and its Computational Interpretation (paper (ps), paper (pdf), Bibentry, (older) slides, extended version (pdf)), Theoretical Aspects of Computer Software (4th International Symposium, TACS 2001), volume 2215 of Lecture Notes in Computer Science, Springer, 2001, pages 82-94. © Springer-Verlag
• J. Jürjens, Secrecy-preserving Refinement (paper (.pdf), paper (.ps), slides, Bibentry), International Symposium on Formal Methods Europe (FME 2001), volume 2021 of Lecture Notes in Computer Science, Springer, 2001, pages 135-152. © Springer-Verlag
• J. Jürjens, Secure information flow for concurrent processes (paper (.ps.gz), paper (.pdf), slides), Concur 2000, International Conference on Concurrency Theory, Pennsylvania, 22–25 August 2000, LNCS 1877 © Springer-Verlag

Code Security Analysis

• M. Aizatulin, A.D. Gordon, J. Jürjens, Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution (bibtex TODO), 18th ACM Conference on Computer and Communications Security (CCS 2011), ACM 2011
• F. Dupressoir, A.D. Gordon, J. Jürjens, D. Naumann: Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols. 24th IEEE Computer Security Foundations Symposium (CSF 2011), IEEE 2011. (bibtex TODO). Long version: TechReport MSR-TR-2011-50
• J. Jürjens, Yijun Yu, and A. Bauer: Tools for Traceable Security Verification. BCS Visions of Computer Science Conference, 2008. (paper, slides, bibtex TODO)
• J. Jürjens. Security Analysis of Crypto-based Java Programs using Automated Theorem Provers. 21st International Conference on Automated Software Engineering (ASE 2006), IEEE/ACM, 2006, pages 167-176. (paper, slides, bibtex)
• J. Jürjens and M. Yampolskiy. Code Security Analysis with Assertions. 20th International Conference on Automated Software Engineering (ASE 2005), IEEE/ACM, 2005, pp. 392-395. (paper, bibtex)
• J. Jürjens. Code Security Analysis of a Biometric Authentication System Using Automated Theorem Provers. In 21st Annual Computer Security Applications Conference (ACSAC 2005) IEEE, 2005, pp. 138-149. (paper, slides, bibtex)
• J. Jürjens. Understanding Security Goals Provided by Crypto-Protocol Implementations. 21st International Conference on Software Maintenance (ICSM 2005), IEEE, 2005, pp. 643-646. (paper, slides, bibtex)
• J. Jürjens. Verification of Low-level Crypto-Protocol Implementations Using Automated Theorem Proving. Third International Conference on Formal Methods and Models for Codesign (MEMOCODE 2005) ACM/IEEE, 2005, pp. 89-98. (paper, slides, bibtex)

Industrial Applications

• J. Lloyd, J. Jürjens, Security Analysis of a Biometric Authentication System using UMLsec and JML. in: 12th International Conference on Model Driven Engineering Languages and Systems (Models 2009), LNCS 5795, © Springer, 15 pp. (paper)
• J. Jürjens, J. Schreck, P. Bartmann: Model-based Security Analysis for Mobile Communications. ICSE 2008, pp. 683-692. (paper, slides, bibtex)
• B. Best, J. Jürjens, and B. Nuseibeh: Model-based Security Engineering of Distributed Information Systems using UMLsec 29th International Conference on Software Engineering (ICSE 2007), ACM, 2007, pp. 581-590. (paper, slides, bibtex)
• J. Jürjens: Model-based Security Engineering for Real (Industry Day Invited Paper). 14th International Symposium on Formal Methods (FM 2006), volume 4085 of Lecture Notes in Computer Science, Springer, 2006, pp. 600-606. (paper, slides, bibtex)

Automated Formal Security Analysis

• M. Ochoa, J. Jürjens, D. Warzecha A Sound Decision Procedure for the Compositionality of Secrecy (bibtex TODO), 4th International Symposium on Engineering Secure Software and Systems (ESSOS 2012), Springer, LNCS, 2012.
• J. Jürjens, L. Marchal, M. Ochoa, H. Schmidt: Incremental Security Verication for Evolving UMLsec models. In: Seventh European Conference on Modelling Foundations and Applications (ECMFA 2011), Birmingham 6-9 June 2011. ( slides TODO, bibtex TODO)
• J. Jürjens: Automated Security Hardening for Evolving UML Models. 33rd International Conference on Software Engineering (ICSE 2011), Research tool paper. ACM 2011. (bibtex TODO)
• L. Montrieux, J. Jürjens, C.B. Haley, Yijun Yu, P.-Y. Schobbens, H. Toussaint. Tool Support for Code Generation from a UMLsec Property. 25th IEEE/ACM International Conference on Automated Software Engineering (ASE'10). (paper, bibtex TODO)
• J. Jürjens, T. Weber, Finite Models in FOL-based Crypto-Protocol Verification. in: ARSPA-WITS 2009, LNCS, © Springer, 15 pp. (paper)
• S. Höhn and J. Jürjens: Rubacon: Automated Support for Model-based Compliance Engineering. ICSE 2008. (paper, slides, bibtex)
• J. Jürjens, J. Schreck, and Yijun Yu: Automated Analysis of Permission-Based Security using UMLsec. FASE 2008 (ETAPS), pp. 292-295. (paper, slides, bibtex)
• Yijun Yu, J. Jürjens, and J. Schreck. Tools for Traceability in Secure Software Development. 23nd Intern. Conference on Automated Software Engineering (ASE 2008).
• J. Jürjens and Yijun Yu: Tools for Model-based Security Engineering: Models vs. Code. 22nd International Conference on Automated Software Engineering (ASE 2007), IEEE/ACM, 2007.
• J. Jürjens and J. Fox: Tools for Model-based Security Engineering. 28th International Conference on Software Engineering (ICSE 2006), ACM, 2006. pp. 819-822. (paper, bibtex)
• J. Jürjens, Sound Methods and Effective Tools for Model-based Security Engineering with UML, (slides, paper, bibtex) 27th International Conference on Software Engineering, ACM, 2005, pages 322-331.
• J. Jürjens and P. Shabalin, Tools for Secure Systems Development with UML: Security Analysis with ATPs (paper, slides, audio, Bibentry), FASE 2005, Edinburgh, 2-10 April 2005, LNCS, © Springer-Verlag
• J. Jürjens and P. Shabalin, Automated Verification of UMLsec Models for Security Requirements (paper, slides, audio, Bibentry), UML 2004, Lisabon, Portugal Oct. 11–15, 2004, LNCS, © Springer-Verlag

Security Requirements Engineering

• H. Schmidt, J. Jürjens: Connecting Security Requirements Analysis and Secure Design Using Patterns and UMLsec. In: 23rd International Conference on Advanced Information System Engineering (CAiSE 2011), London, 20-24 June 2011. Lecture Notes in Computer Science TBD, Springer, pp. TBD. ( bibtex (TODO))
• D. Hatebur, M. Heisel, J. Jürjens, H. Schmidt: Systematic Development of UMLsec Design Models Based On Security Requirements. In: 14th International Conference on Fundamental Approaches to Software Engineering (FASE 2011), Saarbrücken, Germany, 26 March - 3 April, 2011. Lecture Notes in Computer Science TBD, Springer, pp. TBD. (bibtex (TODO))
• E. Knauss, S. Houmb, K. Schneider, S. Islam, J. Jürjens: Supporting Requirements Engineers in Recognising Security Issues. In: 17th International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ 2011), Essen, 28-30 Mar. 2011. Lecture Notes in Computer Science TBD, Springer, pp. TBD. (bibtex (TODO))
• H. Mouratidis, A. Sunyaev, J. Jürjens, Secure Information Systems Engineering: Experiences and Lessons Learned from two Health Care Projects. in: Computer Aided Information Systems Engineering (CAiSE 2009), LNCS, © Springer, 15 pp. (paper)
• H. Mouratidis, J. Jürjens, and J. Fox. Towards a Comprehensive Framework for Secure Systems Development. 18th Conference on Advanced Information Systems Engineering (CAiSE 2006), volume 4001 of Lecture Notes in Computer Science, Springer, 2006, pp. 48-62. (paper, bibtex)

Secure Software Maintenance

• Yijun Yu, J. Jürjens, J. Mylopoulos: Application of Traceability to Maintenance of Secure Software. 24th IEEE International Conference on Software Maintenance (ICSM), 2008, pp. 297-306. (paper, slides, bibtex TODO)

Security Testing

• E. Fourneret, M. Ochoa, F. Bouquet, J. Botella, J. Jürjens, P. Yousefi: Model-Based Security Verification and Testing for Smart-cards. In: Sixth International Conference on Availability, Reliability and Security (AReS 2011), Vienna, August 22-26, 2011.
• G. Wimmel and J. Jürjens, Specification-based Test Generation for Security-Critical Systems Using Mutations (paper (ps), paper (pdf), slides available on request, Bibentry), ICFEM 2002, October 22–25, 2002 Shanghai, China, LNCS, © Springer-Verlag
• J. Jürjens and G. Wimmel, Formally Testing Fail-safety of Electronic Purse Protocols (paper, slides, Bibentry), Automated Software Engineering (ASE 2001), San Diego, 26–29 November 2001 © IEEE Computer Society
• J. Jürjens and G. Wimmel, Specification-based Testing of Firewalls (paper (ps), paper (pdf), slides, Bibentry), Andrei Ershov 4th International Conference "Perspectives of System Informatics" (PSI'01), 3–6 July 2001, Novosibirsk, Russia, LNCS © Springer-Verlag

Security Monitoring

• A. Pironti, J. Jürjens. Formally-Based Black-Box Monitoring of Security Protocols. International Symposium on Engineering Secure Software and Systems (ESSOS 2010), Lecture Notes in Computer Science, Springer, pp. TBD. (paper, bibtex TODO)
• J. Jürjens, Model-based Run-time Checking of Security Permissions using Guarded Objects. Runtime-Verification 2008 (RV`08 @ ETAPS 2008). Springer, LNCS 5289, pp. 36-50. (paper, slides, bibtex)

Secure Embedded Systems

• J. Jürjens, Developing Secure Embedded Systems: Pitfalls and How to Avoid Them. 29th International Conference on Software Engineering (ICSE 2007), ACM, 2007, Companion Volume pp.182-183. (paper, slides, bibtex)

Aspect-Oriented Security

• J. Jürjens and S.H. Houmb. Dynamic Secure Aspect Modeling with UML: From Models to Code. 8th International Conference on Model Driven Engineering Languages and Systems (Models 2005) (formerly the UML series of conferences) ACM/IEEE, 2005, pp. 142-155. (paper, slides, bibtex)

Secure Service-based Systems

• M. Deubler, J. Grünbauer, J. Jürjens, and G. Wimmel, Sound Development of Secure Service-based Systems (paper (ps), paper (pdf), slides, Bibentry), 2nd International Conference on Service Oriented Computing (ICSOC 2004) © ACM

UMLsec Profile

• J. Jürjens, UMLsec: Extending UML for Secure Systems Development (paper (ps), paper (pdf), slides, Bibentry), 5th International Conference on The Unified Modeling Language (UML 2002), volume 2460 of Lecture Notes in Computer Science, Springer, 2002, pages 412-425. © Springer-Verlag
• J. Jürjens, Towards Secure Systems Development with UMLsec (paper (ps), paper (pdf), slides), Fundamental Approaches to Software Engineering (FASE/ETAPS) 2001, International Conference, Genoa 4–6 April 2001, LNCS, © Springer-Verlag

IT-Security Risk Assessment

• S. Taubenberger, J. Jürjens, B. Nuseibeh, Yijun Yu: Problem Analysis of Traditional IT-Security Risk Assessment Methods - An Experience Report from the Insurance and Auditing Domain. In: 26th IFIP International Information Security Conference (IFIP SEC 2011), Lucerne, 7-9 June 2011.
• S.H. Houmb, G. Georg, R. France, J. Bieman, J. Jürjens, Cost-Benefit Trade-Off Analysis using BBN for Aspect-Oriented Risk-Driven Development, (paper(pdf)) ICECCS 2005, Shanghai, © IEEE Computer Society
• S.H. Houmb and J. Jürjens, Developing Secure Networked Web-Based Systems Using Model-based Risk Assessment and UMLsec (paper, slides, Bibentry), 10th Asia-Pacific Software Engineering Conference (APSEC 2003), Chiangmai (Thailand), 10–12 December 2003 © IEEE Computer Society

Secure Information Systems

• C. Blanco, E. Fernandez-Medina, J. Trujillo, J. Jürjens. Towards the Secure Modelling of OLAP Users Behaviour. 7th Workshop on Secure Data Management (SDM @ VLDB 2010), Lecture Notes in Computer Science, Springer, pp. TBD. (paper, bibtex TODO)

Model-based Security Engineering (Misc.)

• J. Jürjens, M. Lehrhuber, G. Wimmel, Model-Based Design and Analysis of Permission-Based Security, (paper(pdf)) ICECCS 2005, Shanghai, © IEEE Computer Society
• J. Fox and J. Jürjens, Introducing Security Aspects with Model Transformation, (paper (pdf)) 12th Annual IEEE International Conference on the Engineering of Computer-Based Systems (ECBS 2005), 4-5 April 2005, Greenbelt, © IEEE Computer Society
• J. Jürjens, Developing High-Assurance Secure Systems with UML: An electronic purchase protocol (ps, audio, slides), Eighth IEEE International Symposium on High Assurance Systems Engineering (HASE '04), 25–26 March, 2004, Tampa Florida © IEEE Computer Society
• J. Grünbauer, H. Hollmann, J. Jürjens and G. Wimmel, Modelling and Verification of Layered Security Protocols: A Bank Application (paper (ps), paper (pdf), slides, Bibentry), SAFECOMP 2003, 23–26 September 2003 Edinburgh, GB, LNCS, © Springer-Verlag
• J. Jürjens, Algebraic State Machines: Concepts and Applications to Security (paper (ps), paper (pdf), slides, audio, Bibentry), Andrei Ershov 5th International Conference "Perspectives of System Informatics" (PSI'03), 9–12 July 2003, Novosibirsk, Russia, LNCS © Springer-Verlag
• S. Höhn, J. Jürjens, Automated Checking of SAP Security Permissions (paper (ps.gz), paper (pdf), Bibentry), 6TH IFIP WG 11.5 Working Conference on Integrity and Internal Control in Information Systems (IICIS), Lausanne, Switzerland, Nov. 13–14, 2003 © Kluwer
• G. Popp, J. Jürjens, G. Wimmel, and R. Breu, Security-Critical System Development with Extended Use Cases (paper, slides, Bibentry), 10th Asia-Pacific Software Engineering Conference (APSEC 2003), Chiangmai (Thailand), 10–12 December 2003 © IEEE Computer Society
• R. Breu, K. Burger, M. Hafner, J. Jürjens, G. Popp, G. Wimmel and V. Lotz, Key Issues of a Formally based Process Model for Security Engineering (paper, slides, Bibentry), ICSSEA 2003 – Sixteenth International Conference "Software & Systems Engineering & their Applications", Paris, December 2–4, 2003
• J. Jürjens, Using UMLsec and Goal-Trees for Secure Systems Development (paper (ps), paper (pdf), slides, audio, Bibentry), Symposium of Applied Computing (SAC 2002), Madrid, March 10–14, 2002 © ACM
• J. Jürjens, Encapsulating Rules of Prudent Security Engineering (paper (ps), paper (pdf), slides, Bibentry), International Workshop on Security Protocols, Cambridge 25–27 April 2001, LNCS, © Springer-Verlag
• J. Jürjens, Modelling audit security for smart-card payment schemes with UMLsec (paper (ps), paper (pdf), Bibentry, slides, audio1, audio2, audio3), IFIP/SEC 2001 – 16th International Conference on Information Security, Paris, 11–13 June 2001 © Kluwer Best student paper award
• J. Jürjens, Secure Java Development with UML (paper (ps), paper (pdf), slides, Bibentry), I-NetSec 01 – First International IFIP TC-11 WG 11.4 Working Conference on Network Security, Leuven (Belgium), November 26–27, 2001 © Kluwer
• J. Jürjens and G. Wimmel, Security Modelling for Electronic Commerce: The Common Electronic Purse Specifications (paper, Bibentry, slides), First IFIP conference on e-commerce, e-business, and e-government (I3E), Zürich, 3–5 October 2001 © Kluwer
• J. Jürjens, Composability of Secrecy (paper (ps), paper (pdf), Bibentry, slides), International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security (MMM 2001), May 21–23, 2001, St. Petersburg, Russia, LNCS 2052 © Springer-Verlag

Program Comprehension

• D. Ratiu, R. Marinescu, J. Jürjens, The Logical Modularity of Programs. in: Working Conference for Reverse Engineering (WCRE 2009), (paper)
• D. Ratiu and J. Jürjens: Evaluating the Reference and Representation of Domain Concepts in APIs. 16th IEEE International Conference on Program Comprehension (ICPC 2008), IEEE, 2008, pp. TODO. (paper, slides, bibtex TODO)
• D. Ratiu, M. Feilkas, and J. Jürjens: Extracting Domain Ontologies from Domain Specific APIs. 12th European Conference on Software Maintenance and Reengineering (CSMR 08), IEEE. (paper, slides, bibtex)
• D. Ratiu and J. Jürjens: The Reality of Libraries. 11th European Conference on Software Maintenance and Reengineering (CSMR 2007), IEEE, 2007, pp. 307-318. (paper, bibtex)

Code Analysis

• S. Wagner, J. Jürjens, Claudia Koller, Peter Trischberger, Comparing Bug Finding Tools with Reviews and Tests., Testcom 2005, LNCS, © Springer-Verlag (paper, bibtex)

Dependable Systems

• M.S. Sadi, M.N. Uddin, M.M.R. Khan, J. Jürjens. Mitigating Soft Error Risks through Protecting Critical Variables and Blocks. International Conference on Computer Science, Engineering & Applications (ICCSEA'11), LNCS, Springer, 2011.
• M.S. Sadi, D.G. Myers, C. Ortega, J. Jürjens, A Novel Approach to Minimizing the Risks of Soft Errors in Mobile and Ubiquitous Systems. in: IEEE TENCON 2009 (paper)
• J. Jürjens, D. Trachtenherz, and D. Reiss: Model-based Quality Assurance of Automotive Software. ACM/IEEE 11th International Conference on Model Driven Engineering Languages and Systems (Models 2008) (paper, slides, bibtex, experimental data)
• S. Wagner and J. Jürjens. Model-Based Identification of Fault-Prone Components., 5th European Dependable Computing Conference on Dependable Computing (EDCC-5), volume 3463 of Lecture Notes in Computer Science, Springer, 2005, pp. 435-452. (paper, bibtex)
• J. Botaschanjan and J. Jürjens, Modeling and Analyzing Time-Constraints, 12th Annual IEEE International Conference on the Engineering of Computer-Based Systems (ECBS 2005), 4–5 April 2005, Greenbelt (paper, bibtex)
• J. Jürjens, Developing safety-critical systems with UML (paper (ps), paper (pdf), slides, Bibentry), audio UML 2003, San Francisco, Oct. 20–24, 2003, LNCS, © Springer-Verlag
• J. Jürjens and S.H. Houmb, Development of Safety-Critical Systems and Model-based Risk Analysis with UML, (Bibentry) Dependable Computing (LADC 2003), São Paulo (Brazil), Oct. 21–24, 2003, LNCS, © Springer-Verlag
• J. Romberg, J. Jürjens, G. Wimmel, O. Slotosch, G. Hahn, AUTOFOCUS and the MoDe Tool (paper), Third International Conference on Application of Concurrency to System Design (ACSD),Guimaraes (Portugal), June 18–20, 2003, © IEEE Computer Society
• J. Jürjens, J. Grünbauer, Critical Systems Development with UML: Overview with Automotive Case-study (slides, audio1, audio2, ps, paper, Bibentry) , 4th International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'03), Lübeck (Germany), October 16–18, 2003
• J. Jürjens, Abstracting from Failure Probabilities (paper (.ps), paper(.pdf), slides, Bibentry), ICACSD 2001 (International Conference on Application of Concurrency to System Design), Newcastle, 25–29 June 2001 © IEEE Computer Society

UML Model Analysis

• J. Jürjens and P. Shabalin, Tools for Critical Systems Development with UML. UML Modeling Languages and Applications, UML 2004 Satellite Activities, Revised Selected Papers, volume 3297 of Lecture Notes in Computer Science, pp. 250-253. Springer, 2004. (paper, bibtex)
• J. Jürjens and P. Shabalin, A Foundation for Tool-Supported Critical Systems Development with UML (pdf, slides), 11th Annual IEEE International Conference on the Engineering of Computer Based Systems (ECBS 2004), May 24–26, 2004, Brno, Czech Republic © IEEE Computer Society
• J. Jürjens, Formal Semantics for Interacting UML subsystems (paper (ps), paper (pdf), slides, audio (MS Outlook), Bibentry), IFIP TC6/WG6.1 Fifth International Conference on Formal Methods for Open Object-Based Distributed Systems (FMOODS 2002), Twente, March 20–22, 2002 © Kluwer
• J. Jürjens, A UML statecharts semantics with message-passing, Symposium of Applied Computing (SAC 2002) (paper (ps), paper (pdf), slides, audio, Bibentry), Madrid, March 10–14, 2002 © ACM