Skip to content

Scientific publications

2024

  • Gencer Erdogan, Tesfaye Amare Zerihun, Iver Bakken Sperstad, Oddbjørn Gjerde. A Light-Weight Tool-Supported Method for Cyber-Risk Assessment in the Planning of Cyber-Physical Smart Grids. In Proc. 15th IEEE International Conference on Smart Grid Communications, Control, and Computing Technologies (SmartGridComm 2024), pages 314-320, IEEE, 2024.
  • Phu Nguyen, Arda Goknil, Gencer Erdogan, Shukun Tokas, Nicolas Ferry, Thanh Thao Thi Tran. Advances in Secure IoT Data Sharing. Foundations and Trends® in Privacy and Security, volume 7, number 1, pages 1-73, 2024.
  • Gencer Erdogan, Laura Carmichael, Steve Taylor, Simeon Tverdal, Andrea Neverdal Skytterholm. Dynamic Cyber Risk Assessment for Connected Medical Devices: the NEMECYS Approach. In Proc. 18th International Conference on Research Challenges in Information Science (RCIS 2024), pages 1-8, CEUR-WS, 2024. (pdf)

2023

  • Gencer Erdogan, Iver Bakken Sperstad, Michele Garau, Oddbjørn Gjerde, Inger Anne Tøndel, Shukun Tokas, Martin Gilje Jaatun. Adapting Cyber-Risk Assessment for the Planning of Cyber-Physical Smart Grids Based on Industrial Needs. In book titled Software Technologies. Communications in Computer and Information Science, vol 1859, pages 98-121. Springer, Cham, 2023. (pdf – ©2023 Springer)
  • Shukun Tokas, Gencer Erdogan. A Need for Privacy-Assistive Technology in Notice and Consent Paradigm in IoT. In book titled Digital Sovereignty in Cyber Security: New Challenges in Future Vision. Communications in Computer and Information Science, vol 1807, pages 35-49. Springer, Cham, 2023. (pdf – ©2023 Springer)
  • Brian Pickering, Stephen C. Phillips, Gencer Erdogan. I Just Want to Help: SMEs Engaging with Cybersecurity Technology. In Proc. HCI for Cybersecurity, Privacy and Trust (HCII’23). Lecture Notes in Computer Science, vol 14045, pages 338-352. Springer, Cham, 2023. (pdf – ©2023 Springer)
  • Gencer Erdogan, Ragnhild Halvorsrud, Costas Boletsis, Simeon Tverdal, John Brian Pickering. Cybersecurity Awareness and Capacities of SMEs. In Proc. 9th International Conference on Information Systems Security and Privacy (ICISSP’23), pages 296-304, SCITEPRESS, 2023. (pdf – ©2023 SCITEPRESS)
  • Shukun Tokas, Gencer Erdogan, Ketil Stølen. Privacy-Aware IoT: State-of-the- Art and Challenges. In Proc. 9th International Conference on Information Systems Security and Privacy (ICISSP’23), pages 450-461, SCITEPRESS, 2023. (pdf – ©2023 SCITEPRESS)
  • Thanh Thao Thi Tran, Phu Nguyen, Gencer Erdogan. A Systematic Review of Secure IoT Data Sharing. In Proc. 9th International Conference on Information Systems Security and Privacy (ICISSP’23), pages 95-105, SCITEPRESS, 2023. (pdf – ©2023 SCITEPRESS)

2022

  • Gencer Erdogan, Inger Anne Tøndel, Shukun Tokas, Michele Garau, Martin Gilje Jaatun. Needs and Challenges Concerning Cyber-Risk Assessment in the Cyber-Physical Smart Grid. In Proc. 17th International Conference on Software Technologies (ICSOFT’22), pages 21-32, SCITEPRESS, 2022. (pdf – ©2022 SCITEPRESS)
  • Stephen C. Phillips, Nicholas Fair, Gencer Erdogan, Simeon Tverdal. Information Security and Risk Management: Trustworthiness and Human Interaction. In Proc. 16th International Conference on Research Challenges in Information Science (RCIS’22), LNBIP 446, pages 821-822, Springer, 2022. (pdf – ©2022 Springer, pdf – tutorial presentation)

2021

  • Per Håkon Meland, Shukun Tokas, Gencer Erdogan, Karin Bernsmed, Aida Omerovic. A Systematic Mapping Study on Cyber Security Indicator Data. Electronics, volume 10, number 9, article-number 1092, pages 1-26, 2021. (pdf)
  • Gencer Erdogan, Enrique Garcia-Ceja, Åsmund Hugo, Phu H. Nguyen, Sagar Sen. A Systematic Mapping Study on Approaches for Al-Supported Security Risk Assessment. In Proc. 45th Annual Computers, Software, and Applications Conference (COMPSAC’21), pages 755-760, IEEE, 2021. (pdf – ©2021 IEEE)
  • Gencer Erdogan, Antonio Álvarez Romero, Niccolò Zazzeri, Anže Žitnik, Mariano Basile, Giorgio Aprile, Mafalda Osório, Claudia Pani, Ioannis Kechaoglou. Developing Cyber-risk Centric Courses and Training Material for Cyber Ranges: A Systematic Approach. In Proc. 7th International Conference on Information Systems Security and Privacy (ICISSP’21), pages 702-713, SCITEPRESS, 2021. (pdf – ©2021 SCITEPRESS)

2020

  • Gencer Erdogan, Åsmund Hugo, Antonio Álvarez Romero, Dario Varano, Niccolò Zazzeri, Anže Žitnik. An Approach to Train and Evaluate the Cybersecurity Skills of Participants in Cyber Ranges based on Cyber-Risk Models. In Proc. 15th International Conference on Software Technologies (ICSOFT’20), pages 509-520, SCITEPRESS, 2020. (pdf – ©2020 SCITEPRESS)
  • Andreas Thompson, Gencer Erdogan. Tool Support for Risk-driven Planning of Trustworthy Smart IoT Systems within DevOps. In Proc. 6th International Conference on Information Systems Security and Privacy (ICISSP’20), pages 742-753, SCITEPRESS, 2020. (pdf – ©2020 SCITEPRESS)

2019

  • Gencer Erdogan, Phu H. Nguyen, Fredrik Seehusen, Ketil Stølen, Jon Hofstad, Jan Øyvind Aagedal. An evaluation of a test-driven security risk analysis approach based on two industrial case studies. In book titled Exploring Security in Software Architecture and Design, pages 69-103, IGI Global, 2019. (pdf – preprint)
  • Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli, Arnor Solberg. Advances in Deployment and Orchestration Approaches for IoT – A Systematic Review. In Proc. International Congress on Internet of Things (ICIOT’19), pages 53-60, IEEE, 2019. (pdf – preprint)
  • Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli, Arnor Solberg. A Systematic Mapping Study of Deployment and Orchestration Approaches for IoT. In Proc. 4th International Conference on Internet of Things, Big Data and Security (IoTBDS’19), pages 69-82, SCITEPRESS, 2019. (pdf – ©2019 SCITEPRESS)
  • Phu H. Nguyen, Nicolas Ferry, Gencer Erdogan, Hui Song, Stéphane Lavirotte, Jean-Yves Tigli, Arnor Solberg. The preliminary results of a mapping study of deployment and orchestration for IoT. In Proc. 34th ACM/SIGAPP Symposium on Applied Computing (SAC’19), pages 2040–2043, ACM, 2019. (pdf)
  • Aida Omerovic, Hanne Vefsnmo, Gencer Erdogan, Oddbjørn Gjerde, Eivind Gramme, Stig Simonsen. A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids. In Proc. 4th International Conference on Complexity, Future Information Systems and Risk (COMPLEXIS’19), pages 39-51, SCITEPRESS, 2019. (pdf – ©2019 SCITEPRESS)
  • Vetle Volden-Freberg, Gencer Erdogan. An Empirical Study on the Comprehensibility of Graphical Security Risk Models Based on Sequence Diagrams. In Proc. 13th International Conference on Risks and Security of Internet and Systems (CRiSIS’18), LNCS 11391, pages 1-17, Springer, 2019. (pdf – preprint)

2018

  • Gencer Erdogan, Alte Refsdal, Bjørn Nygård, Ole Petter Rosland, Bernt Kvam Randeberg. Risk-Based Decision Support Model for Offshore Installations. In Business Systems Research: International journal of the Society for Advancing Innovation and Research in Economy, volume 9, issue 2, pages 55-68, 2018. (pdf)
  • Gencer Erdogan, Atle Refsdal. A Method for Developing Qualitative Security Risk Assessment Algorithms. In Proc. 12th International Conference on Risks and Security of Internet and Systems (CRiSIS’17), LNCS 10694, pages 244-259, Springer, 2018. (pdf – preprint)

2017

  • Aleš Černivec, Gencer Erdogan, Alejandra Gonzalez, Atle Refsdal, Antonio Álvarez Romero. Employing Graphical Risk Models to Facilitate Cyber-Risk Monitoring – the WISER Approach. In Proc. 4th International Workshop on Graphical Models for Security (GraMSec’17), LNCS 10744, pages 127-146, Springer, 2017. (pdf – preprint)
  • Gencer Erdogan, Alejandra Gonzalez, Atle Refsdal, Fredrik Seehusen. A Method for Developing Algorithms for Assessing Cyber-Risk Cost. In Proc. International Conference on Software Quality, Reliability and Security (QRS’17), pages 192-199, IEEE, 2017. (pdf – preprint)
  • Gencer Erdogan, Atle Refsdal, Bjørn Nygård, Bernt Kvam Randeberg, Ole Petter Rosland. Experiences from Developing an Algorithm to Support Risk-Based Decisions for Offshore Installations. In Proc. 14th International Symposium on Operational Research (SOR’17), pages 167-173, 2017. (pdf)
  • Gencer Erdogan, Aida Omerovic, Marit K. Natvig, Isabelle C. R. Tardy. Towards Transparent Real-Time Privacy Risk Assessment of Intelligent Transport Systems. In Proc. 4th Workshop on Risk Assessment and Risk-Driven Quality Assurance (RISK’16), LNCS 10224, pages 11-18, Springer, 2017. (pdf – preprint)
  • Gencer Erdogan, Ketil Stølen. Design decisions in the development of a graphical language for risk-driven security testing. In Proc. 4th Workshop on Risk Assessment and Risk-Driven Quality Assurance (RISK’16), LNCS 10224, pages 99-114, Springer, 2017. (pdf – ©2017 Springer)

2016

  • Gencer Erdogan, Ketil Stølen, Jan Øyvind Aagedal. Evaluation of the CORAL approach for risk-driven security testing based on an industrial case study. In Proc. 2nd International Conference on Information Systems Security and Privacy (ICISSP’16), pages 219-226, SCITEPRESS, 2016. (pdf – ©2016 SCITEPRESS)

2015

  • Gencer Erdogan, Fredrik Seehusen, Ketil Stølen, Jon Hofstad, Jan Øyvind Aagedal. Assessing the usefulness of testing for validating and correcting security risk models based on two industrial case studies. In International Journal of Secure Software Engineering, volume 6, pages 90-112, 2015. (pdf – preprint)

2014

  • Gencer Erdogan, Yan Li, Ragnhild Kobro Runde, Fredrik Seehusen, Ketil Stølen. Approaches for the combined use of risk analysis and testing: A systematic literature review. In International Journal on Software Tools for Technology Transfer, volume 16, pages 627-642, 2014. (pdf – ©2014 Springer)
  • Gencer Erdogan, Atle Refsdal, Ketil Stølen. Schematic generation of English-prose semantics for a risk analysis language based on UML interactions. In Proc. 2nd International Workshop on Risk Assessment and Risk-driven Testing (RISK’14), pages 205-310, IEEE, 2014. (pdf – ©2014 IEEE)
  • Gencer Erdogan, Atle Refsdal, Ketil Stølen. A systematic method for risk-driven test case design using annotated sequence diagrams. In Proc. 1st International Workshop on Risk Assessment and Risk-driven Testing (RISK’13), LNCS 8418, pages 93-108, Springer, 2014. (pdf – ©2014 Springer)

2012

  • Gencer Erdogan, Ketil Stølen. Risk-driven Security Testing versus Test-driven Security Risk Analysis. In Proc. 1st Doctoral Symposium on Engineering Secure Software and Systems, in conjunction with the International Symposium on Engineering Secure Software and Systems (ESSoS’12), pages 5-10, 2012. (pdf)
  • Gencer Erdogan, Fredrik Seehusen, Ketil Stølen, Jan Øyvind Aagedal. Assessing the Usefulness of Testing for Validating the Correctness of Security Risk Models Based on an Industrial Case Study. In Proc. International Workshop on Quantitative Aspects in Security Assurance (QASA’12), pages 1-12, 2012. (pdf)

2010

  • Gencer Erdogan, Per Håkon Meland, Derek Mathieson. Security Testing in Agile Web Application Development – A Case Study Using the EAST Methodology. In Proc. 11th International Conference on Agile Software Development (XP’10), LNBIP 48, pages 14-27, Springer, 2010. (pdf – ©2010 Springer)
  • Egil Trygve Baadshaug, Gencer Erdogan, Per Håkon Meland. Security Modeling and Tool Support Advantages. In Proc. 5th International Conference on Availability, Reliability and Security (ARES’10), pages 537-542, 2010. (pdf – ©2010 IEEE)