Publications by Mathias Ekstedt
Peer reviewed
Articles
[1]
S. Katsikeas et al., "Development and validation of coreLang : A threat modeling language for the ICT domain," Computers & security (Print), vol. 146, 2024.
[2]
S. Katsikeas et al., "Empirical evaluation of a threat modeling language as a cybersecurity assessment tool," Computers & security (Print), vol. 140, 2024.
[3]
E. Ling and M. Ekstedt, "A threat modeling language for generating attack graphs of substation automation systems," International Journal of Critical Infrastructure Protection, pp. 100601-100601, 2023.
[4]
M. Balliu et al., "Challenges of Producing Software Bill of Materials for Java," IEEE Security and Privacy, vol. 21, no. 6, pp. 12-23, 2023.
[5]
E. Rencelj Ling and M. Ekstedt, "Estimating Time-To-Compromise for Industrial Control System Attack Techniques Through Vulnerability Data," SN Computer Science, vol. 4, no. 3, 2023.
[6]
W. Widel et al., "The meta attack language-a formal description," Computers & security (Print), vol. 130, pp. 103284, 2023.
[7]
M. Ekstedt et al., "Yet another cybersecurity risk assessment framework," International Journal of Information Security, vol. 22, no. 6, pp. 1713-1729, 2023.
[8]
W. Widel, P. Mukherjee and M. Ekstedt, "Security Countermeasures Selection Using the Meta Attack Language and Probabilistic Attack Graphs," IEEE Access, vol. 10, pp. 89645-89662, 2022.
[9]
S. Katsikeas et al., "Research communities in cyber security: A comprehensive literature review," Computer Science Review, vol. 42, pp. 100431-100431, 2021.
[10]
S. Hacks et al., "powerLang : a probabilistic attack simulation language for the power domain," Energy Informatics, vol. 3, no. 1, 2020.
[11]
A. Iqbal, F. Mahmood and M. Ekstedt, "Digital Forensic Analysis of Industrial Control Systems Using Sandboxing : A Case of WAMPAC Applications in the Power Systems," Energies, vol. 12, no. 13, 2019.
[12]
P. Johnson et al., "Can the Common Vulnerability Scoring System be Trusted? : A Bayesian Analysis," IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 1002-1015, 2018.
[13]
A. Vernotte et al., "Load Balancing of Renewable Energy : A Cyber Security Analysis," Energy Informatics, vol. 1, 2018.
[14]
M. Ekstedt et al., "Message from the EDOC 2018 Workshop and Demo Chairs," 22nd IEEE International Enterprise Distributed Object Computing Conference Workshops, EDOCW 2018, vol. 2018-October, 2018.
[15]
R. Lagerström et al., "Automated Probabilistic System Architecture Analysis in the Multi-Attribute Prediction Language (MAPL) : Iteratively Developed using Multiple Case Studies," International Journal of Complex Systems Informatics and Modeling Quarterly (CSIMQ), vol. June/July, no. 11, pp. 38-68, 2017.
[16]
M. Korman, R. Lagerström and M. Ekstedt, "Modeling Enterprise Authorization : A Unified Metamodel and Initial Validation," Complex Systems Informatics and Modeling Quarterly, no. 7, pp. 1-24, 2016.
[17]
W. Rocha Flores and M. Ekstedt, "Shaping intention to resist social engineering through transformational leadership, information security culture and awareness," Computers & security (Print), vol. 59, pp. 26-44, 2016.
[18]
P. Johnson and M. Ekstedt, "The Tarpit - A general theory of software engineering," Information and Software Technology, vol. 70, pp. 181-203, 2016.
[19]
P. Johnson et al., "Time between vulnerability disclosures : A measure of software product vulnerability," Computers & security (Print), vol. 62, pp. 278-295, 2016.
[20]
H. Holm, M. Korman and M. Ekstedt, "A Bayesian network model for likelihood estimations of acquirement of critical software vulnerabilities and exploits," Information and Software Technology, vol. 58, pp. 304-318, 2015.
[21]
W. Rocha Flores et al., "Investigating personal determinants of phishing and the effect of national culture," Information Management & Computer Security, vol. 23, no. 2, 2015.
[22]
H. Holm et al., "P2CySeMoL : Predictive, Probabilistic Cyber Security Modeling Language," IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 6, pp. 626-639, 2015.
[23]
M. Ekstedt and A. Dahlgren, "Safe care also in the home : a future challenge," Läkartidningen, vol. 112, no. 22, pp. 1040-1041, 2015.
[24]
P. Gustafson et al., "Safer Swedish healthcare requires coherent and persistent efforts," Läkartidningen, vol. 112, 2015.
[25]
P. Johnson et al., "Towards general theories of software engineering," Science of Computer Programming, vol. 101, pp. 1-5, 2015.
[26]
P. Närman, M. Buschle and M. Ekstedt, "An enterprise architecture framework for multi-attribute information systems analysis," Software and Systems Modeling, vol. 13, no. 3, pp. 1085-1116, 2014.
[27]
H. Holm et al., "Automatic data collection for enterprise architecture models," Software and Systems Modeling, vol. 13, no. 2, pp. 825-841, 2014.
[28]
P. Närman et al., "Enterprise Architecture Availability Analysis Using Fault Trees and Stakeholder Interviews," Enterprise Information Systems, vol. 8, no. 1, pp. 1-25, 2014.
[29]
H. Holm et al., "Indicators of expert judgement and their significance : An empirical investigation in the area of cyber security," Expert systems (Print), vol. 3, no. 4, pp. 299-318, 2014.
[30]
W. Rocha Flores, E. Antonsen and M. Ekstedt, "Information security knowledge sharing in organizations : Investigating the effect of behavioral information security governance and national culture," Computers & security (Print), vol. 43, pp. 90-110, 2014.
[31]
T. Sommestad et al., "Quantifying the Effectivenness of Intrusion Detection Systems in Operation through Domain Experts," Journal of Information System Security, vol. 10, no. 2, pp. 3-35, 2014.
[32]
H. Holm and M. Ekstedt, "Estimates on the effectiveness of web application firewalls against targeted attacks," Information Management & Computer Security, vol. 21, no. 4, pp. 250-265, 2013.
[33]
T. Sommestad, M. Ekstedt and H. Holm, "The Cyber Security Modeling Language : A Tool for Assessing the Vulnerability of Enterprise System Architectures," IEEE Systems Journal, vol. 7, no. 3, pp. 363-373, 2013.
[34]
P. Närman et al., "Using enterprise architecture analysis and interview data to estimate service response time," Journal of strategic information systems, vol. 22, no. 1, pp. 70-85, 2013.
[35]
Q. Lambert et al., "Business models for an aggregator," Information Management & Computer Security, 2012.
[36]
G. Dán et al., "Challenges in Power System Information Security," IEEE Security and Privacy, vol. 10, no. 4, pp. 62-70, 2012.
[37]
H. Holm, M. Ekstedt and D. Andersson, "Empirical Analysis of System-Level Vulnerability Metrics through Actual Attacks," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, pp. 825-837, 2012.
[38]
T. Sommestad, H. Holm and M. Ekstedt, "Estimates of success rates of remote arbitrary code execution attacks," Information Management & Computer Security, vol. 20, no. 2, pp. 107-122, 2012.
[39]
H. Holm et al., "Success Rate of Remote Code Execution Attacks : Expert Assessments and Observations," Journal of universal computer science (Online), vol. 18, no. 6, pp. 732-749, 2012.
[40]
P. Johnson, M. Ekstedt and I. Jacobson, "Where's the theory for software engineering?," IEEE Software, vol. 29, no. 5, pp. 94-95, 2012.
[41]
W. Rocha Flores et al., "Assessing Future Value of Investments in Security-Related IT Governance Control Objectives : Surveying IT Professionals," Electronic Journal of Information Systems Evaluation, vol. 14, no. 2, pp. 216-227, 2011.
[42]
P. Närman et al., "Data accuracy assessment using enterprise architecture," Enterprise Information Systems, vol. 5, no. 1, pp. 37-58, 2011.
[43]
M. Simonsson et al., "It governance decision support using the it organization modeling and assesment tool," International Journal of Innovation and Technology Management (IJITM), vol. 8, no. 2, pp. 167-189, 2011.
[44]
T. Sommestad et al., "Security mistakes in information system deployment projects," Information Management & Computer Security, vol. 19, no. 2, pp. 80-94, 2011.
[45]
M. Gammelgård, M. Ekstedt and P. Närman, "A method for assessing the business value of information system scenarios with an estimated credibility of the result," International Journal of Services Technology and Management, vol. 13, no. 1-2, pp. 105-133, 2010.
[46]
T. Sommestad, M. Ekstedt and P. Johnson, "A probabilistic relational model for security risk analysis," Computers & security (Print), vol. 29, no. 6, pp. 659-679, 2010.
[47]
R. Lagerström, P. Johnson and M. Ekstedt, "Architecture analysis of enterprise systems modifiability - A metamodel for software change cost estimation," Software quality journal, vol. 18, no. 4, pp. 437-468, 2010.
[48]
M. Simonsson, P. Johnson and M. Ekstedt, "The Effect of IT Governance Maturity on IT Governance Performance," Information systems management, vol. 27, no. 1, pp. 10-24, 2010.
[49]
T. Sommestad, M. Ekstedt and L. Nordström, "Modeling Security of Power Communication Systems Using Defense Graphs and Influence Diagrams," IEEE Transactions on Power Delivery, vol. 24, no. 4, pp. 1801-1808, 2009.
[50]
Å. Lindstrom et al., "A survey on CIO concerns - do enterprise architecture frameworks support them?," Information Systems Frontiers, vol. 8, no. 2, pp. 81-90, 2006.
[51]
E. Johansson, M. Ekstedt and P. Johnson, "Assessment of Enterprise Information Security : The Importance of Information Search Cost," Proceedings of the Annual Hawaii International Conference on System Sciences, vol. 9, pp. 219a, 2006.
Conference papers
[52]
V. Engström, G. Nebbione and M. Ekstedt, "A Metalanguage for Dynamic Attack Graphs and Lazy Generation," in ARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings, 2024.
[53]
M. Balliu et al., "Software Bill of Materials in Java," in SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2023, pp. 75-76.
[54]
P. Fahlander et al., "Containment Strategy Formalism in a Probabilistic Threat Modelling Framework," in Proceedings of the 8th international conference on information systems security and privacy (ICISSP), 2022, pp. 108-120.
[55]
O. Kraft et al., "Development and Implementation of a Holistic Flexibility Market Architecture," in 2022 IEEE Power and Energy Society Innovative Smart Grid Technologies Conference, ISGT 2022, 2022.
[56]
E. Rencelj Ling and M. Ekstedt, "Estimating the Time-To-Compromise of Exploiting Industrial Control System Vulnerabilities," in Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, 2022, pp. 96-107.
[57]
N. Muller et al., "Threat Scenarios and Monitoring Requirements for Cyber-Physical Systems of Flexibility Markets," in 2022 IEEE PES Generation, Transmission and Distribution Conference and Exposition - Latin America, IEEE PES GTD Latin America 2022, 2022.
[58]
E. Rencelj Ling and M. Ekstedt, "Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language," in Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, 2021.
[59]
A. Gylling et al., "Mapping Cyber Threat Intelligence to Probabilistic Attack Graphs," in PROCEEDINGS OF THE 2021 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2021, pp. 304-311.
[60]
E. Ling, R. Lagerström and M. Ekstedt, "A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain," in Critical Information Infrastructures Security, CRITIS. 15th International Conference, CRITIS 2020, Bristol, UK, September 2–3, 2020, Proceedings, 2020, pp. 47-58.
[61]
S. Katsikeas et al., "An Attack Simulation Language for the IT Domain," in Graphical Models for Security : 7th International Workshop, GraMSec 2020, Boston, MA, USA, June 22, 2020, Revised Selected Papers, 2020, pp. 67-86.
[62]
R. Lagerström, W. Xiong and M. Ekstedt, "Threat modeling and attack simulations of smart cities : A literature review and explorative study," in ICISSP 2020 - Proceedings of the 6th International Conference on Information Systems Security and Privacy, 2020, pp. 369-376.
[63]
X. Mao et al., "Conceptual Abstraction of Attack Graphs : a Use Case of securiCAD," in Graphical Models for Security. GraMSec 2019., 2019, pp. 186-202.
[64]
M. Ekstedt and I. Rychkova, "Message from the EDOC 2019 workshop and demo chairs," in Proceedings 23rd IEEE International Enterprise Distributed Object Computing Workshop, EDOCW 2019, 2019.
[65]
M. Almgren et al., "RICS-el : Building a national testbed for research and training on SCADA security (short paper)," in Lect. Notes Comput. Sci., 2019, pp. 219-225.
[66]
P. Johnson, R. Lagerström and M. Ekstedt, "A Meta Language for Threat Modeling and Attack Simulations," in ACM International Conference Proceeding Series, 2018.
[67]
A. Iqbal, F. Mahmood and M. Ekstedt, "An Experimental Forensic Test bed: Attack-based Digital Forensic Analysis of WAMPAC Applications," in The 11th Mediterranean Conference on Power Generation, Transmission, Distribution and Energy Conversion (MedPower 2018), 2018.
[68]
A. Iqbal, F. Mahmood and M. Ekstedt, "An experimental forensic testbed : Attack-based digital forensic analysis of WAMPAC applications," in IET Conference Publications, 2018.
[69]
R. Terruggia, G. Dondossola and M. Ekstedt, "Cyber security analysis of Web-of-Cells energy architectures," in Proceedings of the 5th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR), 2018.
[70]
A. Iqbal, M. Ekstedt and H. Alobaidli, "Digital Forensic Readiness in Critical Infrastructures : A case of substation automation in the power sector," in Digital Forensics and Cyber Crime : 9th International Conference, ICDF2C 2017, Prague, Czech Republic, October 9-11, 2017, Proceedings, 2018, pp. 117-129.
[71]
A. Iqbal et al., "Identification of Attack-based Digital Forensic Evidences for WAMPAC Systems," in Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018, 2018, pp. 3078-3086.
[72]
M. Korman et al., "Analyzing the effectiveness of attack countermeasures in a SCADA system," in Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), 2017, pp. 73-78.
[73]
R. Lagerström, P. Johnson and M. Ekstedt, "Automatic Design of Secure Enterprise Architecture," in Proceedings of the 2017 IEEE 21st International Enterprise Distributed Object Computing Conference Workshops and Demonstrations (EDOCW 2017), 2017, pp. 65-70.
[74]
A. Iqbal, M. Ekstedt and H. Alobaidli, "Exploratory studies into forensic logs for criminal investigation using case studies in industrial control systems in the power sector," in 2017 IEEE International Conference on Big Data (Big Data), 2017, pp. 3657-3661.
[75]
A. Vernotte et al., "In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis," in PROCEEDINGS OF THE 2017 IEEE 21ST INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE WORKSHOPS AND DEMONSTRATIONS (EDOCW 2017), 2017, pp. 127-136.
[76]
R. Blom et al., "Analyzing attack resilience of an advanced meter infrastructure reference model," in Joint Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPSR-SG), 2016.
[77]
M. Välja et al., "Automated Architecture Modeling for Enterprise Technology Management Using Principles from Data Fusion : A Security Analysis Case," in PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016) : TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION, 2016, pp. 14-22.
[78]
P. Johnson, M. Ekstedt and R. Lagerström, "Automatic Probabilistic Enterprise IT Architecture Modeling : a Dynamic Bayesian Networks Approach," in 2016 IEEE 20TH INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING WORKSHOP (EDOCW), 2016, pp. 122-129.
[79]
R. Udd et al., "Exploiting bro for intrusion detection in a SCADA system," in CPSS 2016 - Proceedings of the 2nd ACM International Workshop on Cyber-Physical System Security, Co-located with Asia CCS 2016, 2016, pp. 44-51.
[80]
P. Johnson et al., "Modeling and analyzing systems-of-systems in the Multi-Attribute Prediction Language (MAPL)," in Proceedings - 4th International Workshop on Software Engineering for Systems-of-Systems, SESoS 2016, 2016, pp. 1-7.
[81]
B. Kordy, M. Ekstedt and D. S. Kim, "Preface," in 3rd International Workshop on Graphical Models for Security, GraMSec 2016, 2016, pp. V-VI.
[82]
P. Johnson et al., "Quantitative Information Security Risk Estimation using Probabilistic Attack Graphs," in RISK: International Workshop on Risk Assessment and Risk-driven Testing : 4th International Workshop, RISK 2016, Held in Conjunction with ICTSS 2016, Graz, Austria, October 18, 2016, Revised Selected Papers, 2016, pp. 37-52.
[83]
M. Korman et al., "Technology Management through Architecture Reference Models : A Smart Metering Case," in PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET 2016) : TECHNOLOGY MANAGEMENT FOR SOCIAL INNOVATION, 2016, pp. 2338-2350.
[84]
P. Johnson et al., "pwnPr3d: an Attack Graph Driven Probabilistic Threat Modeling Approach," in Availability, Reliability and Security (ARES), 2016 11th International Conference on, 2016.
[85]
M. Välja et al., "A Requirements Based Approach for Automating Enterprise IT Architecture Modeling Using Multiple Data Sources," in 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop (EDOCW), 2015, pp. 79-87.
[86]
E. Ericsson et al., "Developing a Design for Six Sigma Framework For the Analysis of Product Development Processes," in 2015 PORTLAND INTERNATIONAL CONFERENCE ON MANAGEMENT OF ENGINEERING AND TECHNOLOGY (PICMET'15), 2015, pp. 1549-1561.
[87]
W. Rocha Flores, E. Antonson and M. Ekstedt, "Exploring the link between behavioural information security governance and employee information security awareness," in Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance, 2015.
[88]
P. Johnson and M. Ekstedt, "Exploring theory of cognition for general theory of software engineering : Predicting the effort of programming language comprehension," in Proceedings - 4th SEMAT Workshop on General Theory of Software Engineering, GTSE 2015, 2015, pp. 15-24.
[89]
W. Rocha Flores et al., "Investigating the correlation between intention and action in the context of social engineering in two different national cultures," in 2015 48th Hawaii International Conference on System Sciences, 2015, pp. 3508-3517.
[90]
M. Korman, R. Lagerström and M. Ekstedt, "Modeling Authorization in Enterprise-wide Contexts," in PoEM-SDC 2015: Short and Doctoral Consortium Papers at PoEM 2015 : Proceedings of Short and Doctoral Consortium Papers Presented at the 8th IFIP WG 8.1 Working Conference on the Practice of Enterprise Modelling (PoEM 2015) Valencia, Spain, November 10-12, 2015., 2015, pp. 81-90.
[91]
R. Lagerström, P. Johnson and M. Ekstedt, "Search-Based Design of Large Software Systems-of-Systems," in Proceedings - 3rd International Workshop on Software Engineering for Systems-of-Systems, SESoS 2015, 2015, pp. 44-47.
[92]
M. Ekstedt et al., "securiCAD by foreseeti : A CAD tool for enterprise cyber security management," in Proceedings of the 2015 IEEE 19th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations, EDOCW 2015, 2015.
[93]
W. Rocha Flores et al., "An empirical investigation of the effect of target-related information in phishing attacks," in 2014 IEEE 18th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations (EDOCW), 2014, pp. 357-363.
[94]
R. Lagerström and M. Ekstedt, "Extending a General Theory of Software to Engineering," in Proceedings of the 3rd SEMAT Workshop on General Theories of Software Engineering, 2014, pp. 36-39.
[95]
M. Korman et al., "Overview of Enterprise Information Needs in Information Security Risk Assessment," in Proceedings of the 18th IEEE International EDOC Conference (EDOC 2014), 2014.
[96]
M. Ekstedt, "An empirical approach to a general theory of software (engineering)," in 2013 2nd SEMAT Workshop on a General Theory of Software Engineering (GTSE), 2013, pp. 23-26.
[97]
M. Ekstedt et al., "Application of a cyber security assessment framework to smart grid architectures," in International Council on Large Electric Systems (Cigré) SC D2 2013 Colloquium; Mysore, Karnataka, India, 13-15 November, 2013, 2013.
[98]
M. B. O. Larsson, G. Björkman and M. Ekstedt, "Assessment of Social Impact Costs and Social Impact Magnitude from Breakdowns in Critical Infrastructures," in Critical Information Infrastructures Security : 7th International Workshop, CRITIS 2012, Lillehammer, Norway, September 17-18, 2012, Revised Selected Papers, 2013, pp. 240-251.
[99]
W. Rocha Flores and M. Ekstedt, "Countermeasures for Social Engineering-based Malware Installation Attacks," in CONF-IRM 2013 Proceedings, 2013.
[100]
H. Holm, T. Sommestad and M. Ekstedt, "CySeMoL : A tool for cyber security analysis of enterprises," in CIRED, 2013.
[101]
H. Holm, M. Ekstedt and T. Sommestad, "Effort estimates on web application vulnerability discovery," in Hawaii International Conference on System Sciences 46 (HICSS), January 7 - 10, 2013, Grand Wailea, Maui, Hawaii, 2013.
[102]
J. P. A. Almeida, M. Ekstedt and J. Lapalme, "Message from the TEAR 2013 workshop chairs," in 2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW), 2013, pp. 287-288.
[103]
W. Rocha Flores and M. Ekstedt, "A Model for Investigating Organizational Impact on Information Security Behavior," in Proceedings of the Seventh Pre-ICIS Workshop on Information Security and Privacy, Orlando, December 15, 2012., 2012.
[104]
M. Buschle et al., "A Tool for automatic Enterprise Architecture modeling," in IS Olympics : Information Systems in a Diverse World, 2012, pp. 1-15.
[105]
H. Holm and M. Ekstedt, "A metamodel for web application injection attacks and countermeasures," in Trends in Enterprise Architecture Research and Practice-Driven Research on Enterprise Transformation : 7th Workshop, TEAR 2012, and 5th Working Conference, PRET 2012, Held at The Open Group Conference 2012, Barcelona, Spain, October 23-24, 2012. Proceedings, 2012, pp. 198-217.
[106]
M. Buschle et al., "Automating enterprise architecture documentation using an enterprise service bus," in 18th Americas Conference on Information Systems 2012, AMCIS 2012 : Volume 6, 2012, 2012, pp. 4213-4226.
[107]
J. Zerbst et al., "Cyber attack modelling and security graded approach : Key elements when designing security architecture for Electric Power Utilities (EPUs)," in 44th International Conference on Large High Voltage Electric Systems 2012, 2012, pp. 1-8.
[108]
T. Sommestad, H. Holm and M. Ekstedt, "Effort estimates for vulnerability discovery projects," in Proceedings of the 45th Hawaii International Conference on System Sciences, 2012, pp. 5564-5573.
[109]
M. van Sinderen et al., "Preparing the Future Internet for ad-hoc business networks support," in Architecture Modeling for the Future Internet enabled Enterprise (AMFInE) workshop, 2012.
[110]
M. Buschle et al., "A tool for automatic enterprise architecture modeling," in Proceedings of the CAiSE Forum 2011, 2011, pp. 25-32.
[111]
J. König, L. Nordström and M. Ekstedt, "An Architecture-Based Framework for Reliability Analysis of ICT for Power Systems," in Power and Energy Society General Meeting, 2011 IEEE, 2011.
[112]
J. Saat et al., "Analysis of IT/Business Alignment Situations as a Precondition for the Design and Engineering of Situated IT/Business Alignment Solutions," in Proceedings of the Hawaii International Conference on System Sciences (HICSS-44), 2011, pp. 1-9.
[113]
W. Rocha Flores et al., "Assessing Future Value of Investments in Security-Related IT Governance Control Objectives : Surveying IT Professionals," in 2nd International Conference on Information Management and Evaluation, ICIME. Toronto, Canada. 27-28 April 2011, 2011.
[114]
R. Lagerström et al., "Enterprise architecture managements impact on information technology success," in Proceedings of the Hawaii International Conference on System Sciences (HICSS-44), 2011, pp. 1-10.
[115]
T. Sommestad, H. Holm and M. Ekstedt, "Estimates of Success Rates of Denial-of-Service Attacks," in 2011 IEEE 10th International Conference : Trust, Security and Privacy in Computing and Communications (TrustCom), 2011, pp. 21-28.
[116]
H. Holm et al., "Expert assessment on the probability of successful remote code execution attacks," in Proceedings of 8th International Workshop on Security in Information Systems - WOSIS 2011, 2011, pp. 49-58.
[117]
W. Rocha Flores and M. Ekstedt, "Information Security Governance Analysis using Probabilistic Relational Models," in Proceedings of the 8th International Workshop on Security in Information Systems, WOSIS 2011, in Conjunction with ICEIS 2011, 2011, pp. 142-150.
[118]
M. Ekstedt et al., "Modelling of cyber attacks for assessing smart grid security," in Cigre Study Committee D2 Colloquium. Buenos Aires, Argentina. 19th - 20th October 2011, 2011.
[119]
T. Sommestad, M. Ekstedt and L. Nordström, "A case study applying the cyber security modeling language," in 43rd International Conference on Large High Voltage Electric Systems 2010, CIGRE 2010, 2010.
[120]
F. Löf et al., "An Approach to Network Security Assessment based on Probalistic Relational Models," in First Workshop on Secure Control Systems (SCS-1), 2010.
[121]
J. Saat et al., "Enterprise Architecture Meta Models for IT/Business Alignment Situations," in 14th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2010, 2010, pp. 14-23.
[122]
G. Björkman et al., "Information system architectures in electrical distribution utilities," in Proceedings of the 9th Nordic Electricity Distribution and Asset Management Conference, 2010.
[123]
J. König et al., "Mapping the Substation Configuration Language of IEC 61850 to ArchiMate," in Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC, 2010, pp. 60-68.
[124]
J. König, L. Nordström and M. Ekstedt, "Probabilistic Relational Models for assessment of reliability of active distribution management systems," in 2010 IEEE 11th International Conference on Probabilistic Methods Applied to Power Systems, PMAPS 2010, 2010, pp. 454-459.
[125]
U. Franke et al., "Trends in Enterprise Architecture Practice : A Survey," in Lecture Notes in Business Information Processing, 2010, pp. 16-29.
[126]
P. Närman et al., "A Framework for Assessing the Cost of IT Investments," in PROCEEDINGS OF PICMET 09 : TECHNOLOGY MANAGEMENT IN THE AGE OF FUNDAMENTAL CHANGE, 2009, pp. 3070-3082.
[127]
U. Franke et al., "A Method for Choosing Software Assessment Measures using Bayesian Networks and Diagnosis : CSMR 2009, PROCEEDINGS," in 13TH EUROPEAN CONFERENCE ON SOFTWARE MAINTENANCE AND REENGINEERING: CSMR 2009, PROCEEDINGS, 2009, pp. 241-245.
[128]
M. Ekstedt et al., "A Tool for Enterprise Architecture Analysis of Maintainability : CSMR 2009, PROCEEDINGS," in EUR CON SFTWR MTNCE REENGR, 2009, pp. 327-328.
[129]
U. Franke et al., "A formal method for cost and accuracy trade-off analysis in software assessment measures," in RCIS 2009 : PROCEEDINGS OF THE IEEE INTERNATIONAL CONFERENCE ON RESEARCH CHALLENGES IN INFORMATION SCIENCE, 2009, pp. 295-302.
[130]
J. Raderius, P. Närman and M. Ekstedt, "Assessing System Availability Using an Enterprise Architecture Analysis Approach," in SERVICE-ORIENTED COMPUTING - ICSOC 2008 WORKSHOPS, 2009, pp. 351-362.
[131]
T. Sommestad, M. Ekstedt and P. Johnson, "Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models," in Proceedings of the 42nd Annual Hawaii International Conference on System Sciences, HICSS, 2009.
[132]
P. Närman et al., "Data Collection Prioritization for System Quality Analysis," in Electronic Notes in Theoretical Computer Science, 2009, pp. 29-42.
[133]
U. Franke et al., "EAF(2) - A Framework for Categorizing Enterprise Architecture Frameworks," in SNPD 2009 : 10TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCES, NETWORKING AND PARALLEL DISTRIBUTED COMPUTING, PROCEEDINGS, 2009, pp. 327-332.
[134]
P. Närman et al., "Enterprise Architecture Analysis for Data Accuracy Assessments," in 2009 IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE, 2009, pp. 24-33.
[135]
M. Ekstedt and T. Sommestad, "Enterprise Architecture Models for Cyber Security Analysis," in 2009 IEEE/PES POWER SYSTEMS CONFERENCE AND EXPOSITION, 2009, pp. 832-837.
[136]
R. Lagerström et al., "Enterprise Meta Modeling Methods - Combining a Stakeholder-Oriented and a Causality-Based Approach," in ENTERPRISE, BUSINESS-PROCESS AND INFORMATION SYSTEMS MODELING, 2009, pp. 381-393.
[137]
E. Johansson, T. Sommestad and M. Ekstedt, "Issues of Cyber Security In Scada-Systems-on the Importance of Awareness," in IET Conference Publications, 2009.
[138]
J. Ullberg, R. Lagerström and M. Ekstedt, "A Framework for interoperability analysis on the semantic web using architecture models," in Proceedings of the Workshop on Enterprise Interoperability (IWEI 2008), 2008, pp. 207-215.
[139]
D. Gunaratne et al., "A Framework to Evaluate a Functional Reference Model at a Nordic Distribution Utility," in NORDAC 2008, The 8th Nordic Electricity Distribution and Asset Management Conference. Bergen, Norway. 8-9 September 2008, 2008.
[140]
N. Vargas, L. Plazaola and M. Ekstedt, "A consolidated strategic business and IT alignment representation : A framework aggregated from literature," in 41st Annual Hawaii International Conference on System Sciences 2008, HICSS, 2008.
[141]
T. Sommestad, M. Ekstedt and P. Johnson, "Combining defense graphs and enterprise architecture models for security analysis," in Proceedings - 12th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2008, 2008, pp. 349-355.
[142]
U. Franke et al., "Defense graphs and Enterprise Architecture for Information Assurance analysis," in Proceedings of the 26th Army Science Conference, 2008.
[143]
M. Simonsson, P. Johnson and M. Ekstedt, "IT Governance Decision Support using the IT Organization Modeling and Assessment Tool," in 2008 Portland International Center for Management of Engineering and Technology, Technology Management for a Sustainable Economy, PICMET '08, 2008, pp. 802-810.
[144]
M. Simonsson et al., "Modeling and Evaluating the Maturity of IT Governance," in Proceedings of the International Council on Large Electrical Systems, CIGRÉ, 2008, p. 8p.
[145]
E. Johansson, T. Sommestad and M. Ekstedt, "Security Isssues For SCADA Systems within Power Distribution," in Nordic Distribution and Asset Management Conference (NORDAC 2008), 2008.
[146]
L. Plazaola Prado et al., "Strategic Business and IT alignment assessment: a case study applying an enterprise Architectural-based metamodel," in Proceedings of the Annual Hawaii International Conference on System Sciences, 2008.
[147]
M. Simonsson, P. Johnson and M. Ekstedt, "The IT Organization Modeling and Assessment Tool for IT governance decision support," in ADVANCED INFORMATION SYSTEMS ENGINEERING, PROCEEDINGS, 2008, pp. 258-261.
[148]
P. Närman et al., "Using Enterprise Architecture Models for System Quality Analysis," in EDOC 2008: 12TH IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING, PROCEEDINGS, 2008, pp. 14-23.
[149]
L. Plazaola Prado et al., "An Approach to Associate Strategic Business-IT alignment Assessment to Enterprise Architecture," in Proceedings of the Fifth Conference on Systems Engineering 2007 (CSER2007) , 2007, pp. 1-10.
[150]
M. Gammelgård, M. Ekstedt and P. Närman, "Architecture scenario analysis - Estimating the credibility of the results," in 17th Annual International Symposium of the International Council on Systems Engineering, INCOSE 2007 - Systems Engineering : Key to Intelligent Enterprises, 2007, pp. 750-764.
[151]
M. Gammelgård, P. Närman and M. Ekstedt, "Evaluation of business value of IT-system scenarios : a case study at a large north European power company," in PICMET '07: PORTLAND INTERNATIONAL CENTER FOR MANAGEMENT OF ENGINEERING AND TECHNOLOGY, 2007.
[152]
P. Johnson and M. Ekstedt, "In Search of a Unified Theory of Software Engineering," in 2nd International Conference on Software Engineering Advances - ICSEA 2007, 2007, p. 4299884.
[153]
L. Plazaola Prado et al., "A Metamodel for Strategic Business and IT Alignment Assessment.," in Proceedings of the Fourth Conference on Systems Engineering 2006 (CSER2006), University of Southern California, USC, California, USA. April 2006., 2006.
[154]
M. Simonsson and M. Ekstedt, "Getting the Priorities Right : Literature vs Practice on IT Governance," in Technology Managment for the Global Future, 2006 : PICMET 2006, 2006, pp. 18-26.
[155]
E. J. Silva Molina, L. Plazaola and M. Ekstedt, "Strategic Business and IT Alignment : A Prioritized Theory Diagram," in In proceedings of Portland International Conference on Management of Engieering and Technology, 2006.
[156]
P. Närman et al., "Validation and refinement of an asset management subset of the IEC 61968 Interface Reference Model," in 2006 IEEE/PES Power Systems Conference and Exposition. Vols 1-5, 2006, pp. 915-922.
[157]
M. Ekstedt et al., "An Organization-Wide Approach For Assessing Strategic Business And IT Alignment," in Proceedings from the Portland International Conference on Management of Engineering and Technology, 2005.
[158]
M. Ekstedt et al., "Consistent enterprise software system architecture for the CIO : a utility-cost based approach," in Proceedings of the 37th Annual Hawaii International Conference on System Sciences, 2004, 2004.
[159]
P. Johnson et al., "Using Enterprise Architecture for CIO Decision-Making : On the Importance of Theory," in Proceedings of the Second Annual Conference on Systems Engineering Research, 2004.
[160]
M. Ekstedt et al., "Management of Enterprise Software System Architectures : Focusing on Information Economy and Model Consistency," in Proceedings of the 3rd Conference on Software Engineering Research and Practice in Sweden, 2003.
[161]
J. Lilliesköld and M. Ekstedt, "Managing Complex IT-Projects : A Need for a Tool Addressing Technical and Organizational Complexity," in 17th Nordic Conference on Business Studies (NFF), Reykjavik, Iceland, 2003., 2003.
[162]
M. Ekstedt et al., "The architectural information view for the power electricity industry," in Proceedings of the CIGRE SC D2´s Colloquium, 2003.
Non-peer reviewed
Conference papers
[163]
M. Ekstedt, P. Johnson and R. Lagerström, "Enterprise Architecture Modeling and Analysis of Quality Attributes : The Multi-Attribute Prediction Language (MAPL)," in Proceedings of the 1st Scandinavian Workshop on the Engineering of Systems-of-Systems (SWESoS 2015), 2015, pp. 10-12.
Books
[164]
[165]
P. Johnson and M. Ekstedt, Enterprise Architecture : Models and Analyses for Information Systems Decision Making. Studentlitteratur, 2007.
[166]
P. Johnson and M. Ekstedt, The grand unified theory of software engineering. Stockholm : Industriella informations- och styrsystem, KTH Royal Institute of Technology, 2006.
Chapters in books
[167]
P. Johnson, M. Ekstedt and J. Ullberg, "Assessing Goal Fulfillment," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 253-269.
[168]
P. Johnson, M. Ekstedt and E. Johansson, "Collecting evidence," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 213-252.
[169]
P. Johnson et al., "Enterprise Architecture at ACME Energy," in Enterprice Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 293-306.
[170]
P. Johnson, M. Ekstedt and R. Lagerström, "Enterprise Information System Management," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 54-71.
[171]
P. Johnson et al., "Introduction," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 11--36.
[172]
P. Johnson et al., "Organizing for Enterprise Architcture," in Enterprise Architcture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 253-268.
[173]
P. Johnson et al., "Organizing for enterprise architecture," in Enterprise Architcture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 270-291.
[174]
P. Johnson et al., "Selecting Enterprise Architecture Models," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 213-239.
[175]
P. Johnson et al., "Setting the Business Goals," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 73-91.
[176]
P. Johnson et al., "Setting the IT Organization Goals," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 153-212.
[177]
M. Ekstedt et al., "Setting the Information Systems Goals," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 92-152.
[178]
P. Johnson, M. Ekstedt and R. Lagerström, "The Enterprise and Its Information Systems," in Enterprise Architecture : Models and Analyses for Information Systems Decision Making, : Studentlitteratur, 2007, pp. 37-52.
Theses
[179]
M. Ekstedt, "Enterprise architecture for IT management : a CIO decision making perspective on the electrical power industry," Doctoral thesis Stockholm : Elektrotekniska system, TRITA-ICS, 0402, 2004.
Reports
[180]
H. Holm et al., "A Manual for the Cyber Security Modeling Language," Stockholm : KTH Royal Institute of Technology, 2013.
[181]
W. Rocha Flores, M. Ekstedt and J. Lilliesköld, "Empirical Analysis of Factors Affecting the Achievement of Information Security Governance Outcomes," KTH Royal Institute of Technology, TRITA-EE, 2012:069, 2012.
[182]
T. Sommestad, H. Holm and M. Ekstedt, "Threats and vulnerabilities, final report," Stockholm, Sweden : The VIKING project, 2011.
[183]
H. Holm, T. Sommestad and M. Ekstedt, "Vulnerability assessment of SCADA systems," , Report of The VIKING project, D3:1, 2011.
[184]
P. Johnson and M. Ekstedt, "Predicting the effort of program language comprehension : The case of HLL vs. Assembly," KTH Royal Institute of Technology, 2005.
Conference Proceedings
[185]
"Trends in Enterprise Architecture Research and Practice-Driven Research on Enterprise Transformation : 7th Workshop, TEAR 2012, and 5th Working Conference, PRET 2012, Held at The Open Group Conference 2012, Barcelona, Spain, October 23-24, 2012. Proceedings," , Springer, Lecture Notes in Business Information Processing, 131, 2012.
Other
[186]
[187]
H. Holm, M. Korman and M. Ekstedt, "A Bayesian Model for Likelihood Estimations of Acquirement of Critical Software Vulnerabilities and Exploits," (Manuscript).
Latest sync with DiVA:
2024-11-20 00:09:45