The following paper and presentations give an overview on my research (as of 2006):

• Jan Jürjens, Model-based Security Engineering, SECRYPT, Portugal, June 2006 (invited talk) (paper, slides, bibtex)
• 5 min white-board presentation (low-quality .wmv (2 MB) or .rm (3 MB); medium-quality .wmv (6 MB) or .rm (8 MB); high-quality .wmv (14 MB) or .rm (14 MB); white board)
• 5 min poster presentation (low-quality .wmv (2 MB) or .rm (5 MB); medium-quality .wmv (5 MB) or .rm (7 MB); poster)
• 60 min slide presentation (.wmv (13 MB), .rm (19 MB), corresponding slides)
• 60min slide presentation including discussion: mov (122 MB !), streaming mov (87 MB !)

Overview on the Fraunhofer Attract project "Architectures for Auditable Business Process Engineering (APEX)": slides (in German)

The picture below gives a good summary of much (but not all) of my research:

Note for searching citations etc. in public databases: Citeseer does not seem to be able to deal with the Umlaut in my name. Google scholar does a slightly better job at this but only using this search fixing an apparent OCR problem (and then one still needs to add up the citations for the different spellings for each document...). See also my DBLP publication list (which lists me as one of the roughly 4000 most prolific DBLP authors - whatever that means...).

In Mar. 2011, a search delivered more than 2100 citations of my publications at Google Scholar, with an h-index 24 (using the link above). According to the Google Scholar citations, my most highly-used research outputs include the UMLsec research monograph (at least 418 citations according to Google Scholar in Jan. 2010, without counting all entries for the different spellings) and the conference papers at UML'02 (at least 292 citations and the 4th most cited UML conference article according to Google Scholar in Aug. 2009), TACS'01 (at least 156 citations and the 10th most cited TACS article) and FASE'01 (at least 111 citations and among the 5 most cited FASE articles).

Relevant overviews from other sources

Model-Driven Security is considered an important emerging technology in the following Gartner report: Gartner Briefing G00151498, Model-Driven Security: Enabling a Real-Time, Adaptive Security Infrastructure, 21st September 2007

Wikipedia entry on Model-Driven Security.

Nice overview on Software Engineering for Secure Software: K. R. Jayaram and Aditya Mathur, Software Engineering for Secure Software - State of the Art: A Survey. August 2005.Technical Report CERIAS-TR-2005-67, SERC-TR-279

Interesting industrial application of secure software engineering: Axelle Apvrille, Makan Pourzandi: Secure Software Development by Example. IEEE Security & Privacy 3(4): 10-17 (2005)

Relevant article in the Build Security In body of knowledge: Samuel T. Redwine: Introduction to Modeling Tools for Software Security, 2007

Overview on Software Assurance by Sam Redwine.

State of the art regarding secure software development in practice today, with some recommendations how to improve on that: Bill Whyte and John Harrison: Secure Software Development - a White Paper, 2008

Suggestions for future research in secure software engineering: Martin Wirsing: Software Engineering for Secure Software-Intensive Systems, Consultation meeting on "Engineering Secure Software Systems" in the context of the preparation of the EU FP7 ICT work programme 2009-2010.