1. L. Apvrille (2013): TTool website. In:
  2. L. Apvrille & A. Becoulet (2012): Prototyping an Embedded Automotive System from its UML/SysML Models. In: ERTSS'2012, Toulouse, France.
  3. L. Apvrille & P. De Saqui-Sannes (2013): Requirements Analysis. Embedded Systems: Analysis and Modeling with SysML, UML and AADL.
  4. L. Apvrille, W. Muhammad, R. Ameur-Boulifa, S. Coudert & R. Pacalet (2006): A UML-Based Environment for System Design Space Exploration. In: Electronics, Circuits and Systems, 2006. ICECS '06. 13th IEEE International Conference on, pp. 1272 –1275, doi:10.1109/ICECS.2006.379694.
  5. A. Armando, D. Basin, Y. Boichut, Y. Chevalier, L. Compagna, J. Cuellar, P.Hankes Drielsma, P.C. Heám, O. Kouchnarenko, J. Mantovani, S. Mödersheim, D. Oheimb, M. Rusinowitch, J. Santiago, M. Turuani, L. Viganò & L. Vigneron (2005): The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Kousha Etessami & SriramK. Rajamani: Computer Aided Verification, Lecture Notes in Computer Science 3576. Springer Berlin Heidelberg, pp. 281–285, doi:10.1007/11513988_27.
  6. F. Assolini (2012): The Tale of One Thousand and One DSL Modems, Kaspersky Lab. Available at
  7. F. Balarin, Y. Watanabe, H. Hsieh, L. Lavagno, C. Passerone & A. Sangiovanni-Vincentelli (2003): Metropolis: An Integrated Electronic System Design Environment. Computer 36(4), pp. 45–52, doi:10.1109/MC.2003.1193228.
  8. J. Bengtsson & W. Yi. (2004): Timed Automata: Semantics, Algorithms and Tools. In: Lecture Notes on Concurrency and Petri Nets. W. Reisig and G. Rozenberg (eds.), LNCS 3098, Springer-Verlag, pp. 87–124, doi:10.1007/978-3-540-27755-2.
  9. B. Blanchet (2009): Automatic Verification of Correspondences for Security Protocols. Journal of Computer Security 17(4), pp. 363–434, doi:10.3233/JCS-2009-0339.
  10. M. Drouineaud, M. Bortin, P. Torrini & K. Sohr: A First Step Towards Formal Verification of Security Policy Properties for RBAC. In: QSIC'04, Washington, DC, USA, pp. 60–67, doi:10.1109/QSIC.2004.1357945.
  11. D. P. Eames & J. D. Moffett (1999): The Integration of Safety and Security Requirements. In: SAFECOMP, pp. 468–480, doi:10.1007/3-540-48249-0_40.
  12. S. Esser (2011): Exploiting the iOS Kernel. In: BlackHat 2011.
  13. O. Henniger, L. Apvrille, A. Fuchs, Y. Roudier, A. Ruddle & B. Weyl: Security Requirements for Automotive On-Board Networks. In: ITST 2009, Lille, France, doi:10.1109/ITST.2009.5399279.
  14. T. Hoppe, S. Kiltz & J. Dittmann (2011): Security Threats to Automotive CAN Networks - Practical Examples and Selected Short-Term Countermeasures. Rel. Eng. & Sys. Safety 96(1), pp. 11–25. Available at
  15. A. Huang (2002): Keeping Secrets in Hardware: the Microsoft XBox Case Study, AI Memo 2002-008, Massachusetts Institute of Technology, Artificial Intelligence Laboratory. Technical Report.
  16. M. S. Idrees (2012): A Requirements Engineering Driven Approach to Security Architecture Design for Distributed Embedded Systems. Telecom ParisTech.
  17. J. Jürjens (2002): Using UMLsec and Goal-Trees for Secure Systems Development. In: G. B. Lamont, H. Haddad, G. Papadopoulos & B. Panda: Proceedings of the 2002 Symposium of Applied Computing (SAC). ACM, Madrid, Spain, pp. 1026–1031, doi:10.1145/508791.508990. Proceedings of the 2002 ACM Symposium of Applied Computing.
  18. J. Jürjens (2007): Developing Secure Embedded Systems: Pitfalls and How to Avoid Them. In: 29th International Conference on Software Engineering (ICSE 2007). ACM, pp. 182–183.
  19. E. Kelling, M. Friedewald, T. Leimbach, M. Menzel, P. Säger, H. Seudié & B. Weyl (2009): Specification and Evaluation of e-Security Relevant Use cases. Technical Report Deliverable D2.1. EVITA Project.
  20. D. Knorreck (2011): UML-based Design Space Exploration, Fast Simulation and Static Analysis. In: Ph.D. of Ecole doctorale informatique, télécommunications et électronique of Paris.
  21. D. Knorreck, L. Apvrille & P. De Saqui-Sannes (2011): TEPE: A SysML Language for Time-Constrained Property Modeling and Formal Verification. ACM SIGSOFT Software Engineering Notes 36(1), pp. 1–8, doi:10.1145.1921532.1921556.
  22. Barbara Kordy, Piotr Kordy, Sjouke Mauw & Patrick Schweitzer (2013): ADTool: Security Analysis with Attack–Defense Trees. In: Kaustubh Joshi, Markus Siegle, Mariëlle Stoelinga & PedroR. D’Argenio: Quantitative Evaluation of Systems, Lecture Notes in Computer Science 8054. Springer Berlin Heidelberg, pp. 173–176, doi:10.1007/978-3-642-40196-1_15.
  23. A. Maña & G. Pujol (2008): Towards Formal Specification of Abstract Security Properties. In: The Third International Conference on Availability, Reliability and Security 0-7695-3102-4/08. IEEE.
  24. A. Nhlabatsi, B. Nuseibeh & Y. Yu (2010): Security Requirements Engineering for Evolving Software Systems: a survey. Technical Report 1. The Open University.
  25. B. Nuseibeh (2001): Weaving Together Requirements and Architectures. IEEE Computer 34(3), pp. 115–117, doi:10.1109/2.910904.
  26. G. Pedroza (2013): Assisting the Design of Secured Applications for Mobile Vehicles. In: Ph.D. of Ecole doctorale informatique, télécommunications et électronique of Paris.
  27. G. Pedroza, M. S. Idrees, L. Apvrille & Y. Roudier (2011): A Formal Methodology Applied to Secure Over-The-Air Automotive Applications. In: VTC-Fall2011, IEEE 74th Vehicular Technology Conference, 5-8 September 2011, San Francisco, USA, San Francisco, USA, doi:10.1109/VETECF.2011.6093061.
  28. L. Pietre-Cambacedes & M. Bouissou (2013): Cross-fertilization between safety and security engineering. Rel. Eng. & Sys. Safety 110, pp. 110–126, doi:10.1016/j.ress.2012.09.011.
  29. C. Raspotnig & A. L. Opdahl (2013): Comparing risk identification techniques for safety and security requirements. Journal of Systems and Software 86(4), pp. 1124–1151, doi:10.1016/j.jss.2012.12.002.
  30. Y. Roudier, M. S. Idrees & L. Apvrille (2013): Towards the Model-Driven Engineering of Security Requirements for Embedded Systems. In: proceedings of MoDRE'13, Rio de Janeiro, Brazil, doi:10.1109/MoDRE.2013.6597264.
  31. A. Ruddle & et al (2009): Security Requirements for Automotive On-board Networks Based on Dark-side Scenarios. Technical Report Deliverable D2.3. EVITA Project.
  32. B. Schneier (1999): Attack Trees: Modeling Security Threats.
  33. H. Schweppe, Y. Roudier, B. Weyl, L. Apvrille & D. Scheuermann (2011): C2X Communication: Securing the Last Meter. In: The 4th IEEE International Symposium on Wireless Vehicular Communications: WIVEC2011, San Francisco, USA.
  34. H. Teso (2013): Aircraft Hacking. In: HITB Security Conference, Amsterdam, The Netherlands.
  35. M. J. Toussaint (1993): A New Method for Analyzing the Security of Cryptographic Protocols. In: Journal on Selected Areas in Communications 11, No. 5. IEEE.
  36. A. Van Lamsweerde (2007): Engineering Requirements for System Reliability and Security. Software System Reliability and Security 9, pp. 196–238.

Comments and questions to:
For website issues: