Technical reports authored/co-authored by Ketil Stølen
2016
-
Erik Gøsta Nilsson, Ketil Stølen. The FLUIDE specification languages with an accompanying method. SINTEF A27972, SINTEF ICT, December 2016.
(pdf)
-
Erik Gøsta Nilsson, Ketil Stølen. The FLUIDE framework for specifying emergency response user interfaces employed to a search and rescue case. SINTEF A27575, SINTEF ICT, December 2016.
(pdf)
-
Erik Gøsta Nilsson, Ketil Stølen. A case-based assessment of the FLUIDE framework for specifying emergency response user interfaces. SINTEF A26920, SINTEF ICT, December 2016.
(pdf)
2015
-
Gencer Erdogan, Ketil Stølen, Jan øyvind Aagedal. Evaluation of the CORAL approach for risk-driven security testing based on an industrial case study. Technical Report SINTEF A27097, SINTEF ICT, July 2015. (pdf)
2014
-
Gencer Erdogan, Atle Refsdal, Ketil Stølen. Schematic generation of English-prose semantics for a risk analysis language based on UML interactions.
SINTEF A26407, SINTEF ICT, October 2014. (pdf)
-
Gencer Erdogan, Fredrik Seehusen, Ketil Stølen, Jan øyvind Aagedal. Assessing the usefulness of testing for validating the correctness of security risk models based on an industrial case study.
SINTEF A26187, SINTEF ICT, June 2014. (pdf)
-
Andre Alexandersen Hauge, Ketil Stølen. A pattern-based method for safe control conceptualisation exemplified within railway signalling. HWR-1037, Institute for Energy Technology, June 2014.
-
Andre Alexandersen Hauge, Ketil Stølen. A pattern-based method for safe control conceptualisation exemplified within nuclear power production. HWR-1029, Institute for Energy Technology, June 2014.
-
Gencer Erdogan, Atle Refsdal, Ketil Stølen. A systematic method for risk-driven test case design using annotated sequence diagrams.
SINTEF A26036, SINTEF ICT, March 2014. (pdf)
2013
-
Kristian Beckers, Maritta Heisel, Bjørnar Solhaug, Ketil Stølen. ISMS-CORAS: A structured method for establishing an ISO 27001 compliant information security management system.
SINTEF A25626, SINTEF ICT, December 2013. (pdf)
- Andre Alexandersen Hauge, Ketil Stølen. Syntax & semantics of the SACS pattern language.
HWR-1052, Institute for Energy Technology, November 2013.
-
Le Minh Sang Tran, Bjørnar Solhaug, Ketil Stølen. An approach to select cost-effective risk countermeasures exemplified in CORAS. SINTEF A24343, SINTEF ICT, July 2013. (pdf)
2012
-
Olav Skjelkvåle Ligaarden, Atle Refsdal, Ketil Stølen. ValidKI: A method for designing indicators to monitor the fulfillment of business objectives with particular focus on quality and ICT-supported monitoring of indicators. SINTEF A23413, SINTEF ICT, October 2012.
(pdf)
-
Olav Skjelkvåle Ligaarden, Atle Refsdal, Ketil Stølen. Using indicators to monitor risk in interconnected systems: How to capture and measure the impact of service dependencies on the quality of provided services. SINTEF A22301, SINTEF ICT, October 2012.
(pdf)
-
Gencer Erdogan, Yan Li, Ragnhild Kobro Runde, Fredrik Seehusen, Ketil Stølen. Conceptual framework for the DIAMONDS
project. SINTEF A22798, SINTEF ICT, June 2012.
(pdf)
-
Tormod Vaksvik Håvaldsrud, Birger Møller-Pedersen, Bjørnar Solhaug, Ketil Stølen. DeSPoT: A method for the development and specification of policies for trust negotiation. SINTEF A20174, SINTEF ICT, January 2012.
(pdf)
-
Olav Skjelkvåle Ligaarden, Atle Refsdal, Ketil Stølen. Experiences from using indicators to validate expert judgments in security risk analysis. SINTEF A21560, SINTEF ICT, January 2012.
(pdf)
2011
-
Erik Gøsta Nilsson, Ketil Stølen. Generic functionality in user interfaces for emergency response. SINTEF A20726, SINTEF ICT, December 2011.
(pdf)
-
Andre Alexandersen Hauge, Ketil Stølen. Patterns for handling safety critical adaptive software.
HWR-1004, Institute for Energy Technology, September 2011.
-
Ragnhild Kobro Runde, Atle Refsdal, Ketil Stølen. Stepwise refinement of sequence diagrams with soft real-time requirements.
SINTEF A19749, SINTEF ICT, September 2011.
(pdf)
-
Aida Omerovic, Ketil Stølen. Traceability handling in model-based prediction of system quality.
SINTEF A19348, SINTEF ICT, July 2011.
(pdf)
-
Ragnhild Kobro Runde, Atle Refsdal, Ketil Stølen. Relating computer systems to Sequence Diagrams -
The impact of underspecification and inherent nondeterminism. Research report 410, Department of
Informatics, University of Oslo, May 2011.
(pdf)
-
Tormod Håvaldsrud, Bjørnar Solhaug, Ketil Stølen. Evalutation of a method for
the analysis and development of policies for trust negotiation. SINTEF A18834,
SINTEF ICT, March 2011.
(pdf)
-
Gyrd Brændeland, Atle Refsdal, Ketil Stølen. A denotational model for
component-based risk-analysis. Research report 363, Department of Informatics, University of Oslo, February 2011.
(pdf)
-
Aida Omerovic, Bjørnar Solhaug, Ketil Stølen. Evaluation of experiences from applying the PREDIQT
method in an industrial case study. SINTEF A17562, SINTEF ICT, January 2011.
(pdf)
2010
-
Gyrd Brændeland, Ketil Stølen. Using model-driven risk analysis in component-based development.
Research report 342, Department of Informatics, University of Oslo, December 2010.
(pdf)
-
Aida Omerovic, Anette Andresen, Håvard Grindheim, Per Myrseth, Atle Refsdal, Ketil Stølen,
Jon ølnes. A feasibility study in model-based prediction of changes on system quality. SINTEF A13339,
SINTEF ICT, January 2010.
(pdf)
2009
-
Bjørnar Solhaug, Ketil Stølen. Preservation of policy adherence under refinement.
SINTEF A11358, SINTEF ICT, May 2009.
(pdf)
-
Bjørnar Solhaug, Ketil Stølen. Compositional refinement of policies in UML Exemplified for access control.
SINTEF A11359, SINTEF ICT, March 2009.
(pdf)
-
Fredrik Seehusen, Ketil Stølen. A method for model-driven information flow security.
SINTEF A11357, SINTEF ICT, March 2009.
(pdf)
-
Fredrik Seehusen, Mass Soldal Lund, Ketil Stølen. A transformational approach to facilitate monitoring
of high level policies. SINTEF A11356, SINTEF ICT, March 2009.
(pdf)
2008
-
Gyrd Brændeland, Heidi E. I. Dahl, Ketil Stølen. A modular approach to the modelling and analysis
of risk scenarios with mutual dependencies. SINTEF A8360, SINTEF ICT, November 2008.
(pdf)
2007
-
Mass Soldal Lund, Ketil Stølen. A fully general operational semantics for UML sequence diagrams with
potential and mandatory choice. Research report 330, Department of Informatics, University of Oslo, 2007.
(pdf)
-
Atle Refsdal, Ragnhild Kobro Runde, Ketil Stølen. Relating computer systems to sequence diagrams with
underspecification, inherent nondeterminism and probabilistic choice. Part 2. Research report 347,
Department of Informatics, University of Oslo, December 2007.
(pdf)
-
Heidi E. I. Dahl and Ida Hogganvik and Ketil Stølen. Structured semantics for the CORAS security
risk modelling language. SINTEF A970, SINTEF ICT, September 2007.
(pdf)
-
Ida Hogganvik, Mass Soldal Lund, Ketil Stølen. Quality evaluation of the CORAS UML profile.
SINTEF A2199, SINTEF ICT, September 2007.
(pdf)
-
Bjørnar Solhaug, Dag Elgesem, Ketil Stølen. Specifying policies using UML sequence diagrams
An evaluation based on a case study. SINTEF A1230, SINTEF ICT, May 2007.
(pdf)
-
Atle Refsdal, Knut Eilif Husa, Ketil Stølen. Specification and refinement of soft real-time requirements
using sequence diagrams. Research report 323, Department of Informatics, University of Oslo, April 2007.
(pdf)
-
Ida Solheim, Ketil Stølen. Teknologiforskning hva er det? STF90 A06035, SINTEF ICT, March 2007.
(pdf)
-
Ida Solheim, Ketil Stølen. Technology research explained. SINTEF A313, SINTEF ICT, March 2007.
(pdf)
-
Tom Lysemose, Tobias Mahler, Bjørnar Solhaug, Jon Bing, Dag Elgesem, Ketil Stølen.
ENFORCE conceptual framework. SINTEF A1209, SINTEF ICT, March 2007.
(pdf)
-
Ida Hogganvik, Ketil Stølen. Investigating preferences in graphical risk modeling.
SINTEF A57, SINTEF ICT, January 2007.
(pdf)
-
Ragnhild Kobro Runde, øystein Haugen, and Ketil Stølen. Refining UML interactions with
underspecification and nondeterminism. Research report 325, Deparment of Informatics, University of Oslo, January 2007.
(pdf)
-
Ragnhild Kobro Runde, Atle Refsdal, Ketil Stølen. Relating computer systems to sequence diagrams
with underspecification, inherent nondeterminism and probabilistic choice. Part 1. Research report 346,
Department of Informatics, University of Oslo, January 2007.
(pdf)
2006
-
øystein Haugen, Knut Eilif Husa, Ragnhild Kobro Runde, Ketil Stølen. Why timed sequence diagrams
require three-event semantics. Research report 309, Department of Informatics, University of Oslo, December 2006.
(pdf)
-
Gyrd Brændeland, Ketil Stølen. A semantic paradigm for component-based specification integrating a notion of
security risk. Research report 341, Department of Informatics, University of Oslo, October 2006.
(pdf)
-
Ida Hogganvik, Ketil Stølen. Risk analysis terminology for IT systems: Does it match intuition?
STF90 A06034, SINTEF ICT, September 2006.
(pdf)
-
Atle Refsdal, Ragnhild Kobro Runde, Ketil Stølen. Underspecification, inherent nondeterminism and
probability in sequence diagrams. Research report 335, Department of Informatics, University of Oslo, September 2006.
(pdf)
-
Fredrik Seehusen, Ketil Stølen. Maintaining information flow security under refinement and transformation.
SINTEF A311, SINTEF ICT, September 2006.
(pdf)
-
Fredrik Seehusen, Ketil Stølen. Information flow property preserving transformation of UML interaction diagrams.
STF90 A06030, SINTEF ICT, July 2006.
(pdf)
2005
-
Ragnhild Kobro Runde, øystein Haugen, Ketil Stølen, How to transform UML neg into a useful construct.
Research report 326, Department of Informatics, University of Oslo, November 2005.
(pdf)
-
Ida Hogganvik, Ketil Stølen. Empirical investigations of the CORAS language for structured
brainstorming. STF90 A05041, SINTEF ICT, January 2005.
(pdf)
2004
-
Folker den Braber, Mass Soldal Lund, Ketil Stølen. Using the CORAS threat modelling language to document
threat scenarios for several Microsoft relevant technologies. STF90 A04057, SINTEF ICT, July 2004.
(pdf)
-
Fredrik Seehusen, Ketil Stølen. Graphical specification of dynamic network structure.
STF90 A04042, SINTEF ICT, June 2004.
(pdf)
-
Mass Soldal Lund, Folker den Braber, Ketil Stølen, Fredrik Vraalsen. A UML profile for the identification
and analysis of security risks during structured brainstorming. STF40 A03067, SINTEF ICT, May 2004.
(pdf)
-
Ida Hogganvik, Ketil Stølen. A conceptual specification for architectural descriptions in risk
analysis with basis in IEEE Std 1471. STF90 A04036, SINTEF ICT, April 2004.
(pdf)
-
Fredrik Vraalsen, Folker den Braber, Ida Hogganvik, Mass Soldal Lund, Ketil Stølen. The CORAS tool-supported
methodology for UML-based security analysis. STF90 A04015, SINTEF ICT, February 2004.
(pdf)
2003
-
Mass Soldal Lund, Ida Hogganvik, Fredrik Seehusen, Ketil Stølen. UML profile for security assesssment.
STF40 A03066, SINTEF Telecom and Informatics, December 2003.
(pdf)
-
Folker den Braber, Chingwoei Gan, Mass Soldal Lund, Fredrik Seehusen, Ketil Stølen, Fredrik Vraalsen.
An experience repository supporting security risk analysis. STF40 A03062, SINTEF Telecom and Informatics, November 2003.
(pdf)
-
øystein Haugen, Ketil Stølen. STAIRS Steps to analyze interactions with refinement semantics. Research report 306,
Department of Informatics, University of Oslo, June 2003.
(pdf)
-
Ragnhild Kobro Runde, Ketil Stølen. What is model driven architecture? Research report 304, Department of Informatics,
University of Oslo, March 2003.
(pdf)
1999
-
Ketil Stølen, Peter Mohn, Håkon Sandmark, Harald Thunem. Experiences from the development of the
FAME communication manager using the CASE-tool SDT. HWR-570, Institute for Energy Technology, May 1999.
-
Harald Thunem, Peter Mohn, Håkon Sandmark, Ketil Stølen. Experiences from the formal specification of the
Integration Platform and the synthesis of SDT with the Software Bus. HWR-569, Institute for Energy Technology, April 1999.
-
Bjørn Axel Gran, Terje Sivertsen, Ketil Stølen, Harald Thunem, Wenhui Zhang. The Halden Reactor Project
workshop on improved system development using CASE tools based on formal methods. HWR-568, Institute for Energy Technology, February 1999.
1998
-
Ketil Stølen, Tore Willy Karlsen, Peter Mohn, Håkon Sandmark. Using CASE-tools based on formal methods
in real-life system development of distributed systems. HWR-522, Institute for Energy Technology, March 1998.
-
Ketil Stølen. Formal specification of open distributed systems overview and evaluation of existing methods.
HWR-523, Institute for Energy Technology, February 1998.
1997
-
Radu Grosu, Ketil Stølen. Compositional specification of mobile systems. TUM-I9748, Munich
University of Technology, November 1997.
(pdf)
-
Radu Grosu, Ketil Stølen, Manfred Broy. A denotational model for mobile point-to-point dataflow
networks with channel sharing. TUM-I9724, Munich University of Technology, May 1997.
(pdf)
1996
-
Radu Grosu, Ketil Stølen. A denotational model for mobile many-to-many dataflow networks. TUM-I9622,
Munich University of Technology, May 1996.
(pdf)
1995
-
Ketil Stølen. Refinement principles supporting the transition from asynchronous to synchronous
communication. TUM-I9537, Munich University of Technology, November 1995.
(pdf)
-
Radu Grosu, Ketil Stølen. A denotational model for mobile point-to-point dataflow networks.
TUM-I9527, Munich University of Technology, October 1995.
(pdf)
-
Ketil Stølen, Max Fuchs. A formal method for hardware/software co-design.
TUM-I9517, Munich University of Technology, May 1995.
(pdf)
-
Ketil Stølen. Assumption/commitment rules for data-flow networks with an emphasis on
completeness. TUM-I9516, Munich University of Technology, May 1995.
(pdf)
1994
-
Ketil Stølen. A refinement relation supporting the transition from unbounded to bounded
communication buffers. TUM-I9435, Munich University of Technology, November 1994.
(pdf)
-
Manfred Broy, Max Fuchs, Thomas F. Gritzner, Bernhard Sch tz, Katharina Spies, Ketil Stølen.
Summary of case studies in Focus a design method for distributed systems. TUM-I9423, Munich University
of Technology, June 1994.
(pdf)
-
Eckhardt Holz, Ketil Stølen. An attempt to embed a restricted version of SDL as a target
language in Focus. TUM-I9418, Munich University of Technology, May 1994.
(pdf)
-
Manfred Broy, Ketil Stølen. Specification and refinement of finite dataflow networks
A relational approach. TUM-I9412, Munich University of Technology, March 1994.
(pdf)
1993
-
Max Fuchs, Ketil Stølen. Using the Focus framework for the design of a min/max component
in SDL. TUM-I9338, Munich University of Technology, December 1993.
(pdf)
-
Manfred Broy, Christian Facchi, Radu Grosu, Rudi Hettler, Heinrich Hussmann, Dieter
Nazareth, Franz Regensburger, Oscar Slotosch, Ketil Stølen. The requirement and design specification language
SPECTRUM, an informal introduction. Version 1.0, PART 1-2. TUM-I9311 and TUM-I9312,
Munich University of Technology, May 1993.
(pdf)
-
Ketil Stølen, Frank Dederichs, Rainer Weber. Assumption/commitment rules for networks of asynchronously
communicating agents. TUM-I9303, Munich University of Technology, February 1993.
(pdf)
1992
-
Manfred Broy, Christian Facchi, Radu Grosu, Rudi Hettler, Heinrich Hussmann,
Dieter Nazareth, Franz Regensburger, Ketil Stølen. The requirement and design specification language
SPECTRUM, an informal introduction, Version 0.3. TUM-I9140, Munich University of Technology, October 1992.
1991
-
Ketil Stølen. An attempt to reason about shared-state concurrency in the style of VDM.
UMCS-91-7-1, Manchester University, July 1991.
(pdf)
-
Ketil Stølen. A method for the development of totally correct shared-state parallel programs.
UMCS-91-6-1, Manchester University, June 1991.
(pdf)
-
Ketil Stølen. Development of parallel programs on shared data-structures.
UMCS-91-1-1, Manchester University, January 1991.
(pdf)
Created: January 1, 1999. Last updated: June 12, 2024.