****************************************************************** GraMSec 2017 The Fourth International Workshop on Graphical Models for Security Co-located with CSF 2017

Santa Barbara, CA, USA - August 21, 2017 http://gramsec.uni.lu/ ****************************************************************** GraMSec REGISTRATION IS NOW OPEN

To register please follow the instructions given at http://www.gramsec.uni.lu/registration.php

If you need a visa support letter, please check http://csf2017.tecnico.ulisboa.pt/visa.html

ABOUT GraMSec

Graphical security models provide an intuitive but systematic methodology to analyze security weaknesses of systems and to evaluate potential protection measures. Such models have been subject of academic research and they have also been widely accepted by the industrial sector, as a means to support and facilitate threat analysis and risk assessment processes. The objective of GraMSec is to contribute to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies and tools for their practical usage.

INVITED TALK

Anoop Singhal, NIST Security Metrics and Risk Analysis for Enterprise Systems

ACCEPTED REGULAR PAPERS

* Karin Bernsmed, Christian Frøystad, Per Håkon Meland, Dag Atle Nesheim, and Ørnulf Jan Rødseth Visualizing Cyber Security Risks with Bow-Tie Diagrams * Angèle Bossuat and Barbara Kordy Evil Twins: Handling Repetitions in Attack–Defense Trees - A Survival Guide

* Aitor Couce-Vieira, Siv Hilde Houmb, and David Ríos-Insua CSIRA: A Method for Analysing the Risk of Cybersecurity Incidents

* Peter Gjøl Jensen, Axel Legay, Kim Guldstrand Larsen, and Danny Bøgsted Poulsen Quantitative Evaluation of Attack Defense Trees using Stochastic Timed Automata

* Dan Ionita, Margaret Ford, Alexandr Vasenev, and Roel Wieringa Graphical Modeling of Security Arguments: Current State and Future Directions

ACCEPTED SHORT PAPERS

* Olga Gadyatskaya and Rolando Trujillo-Rasua New Directions in Attack Tree Research: Catching up with Industrial Needs

* Ryan Habibi, Jens Weber, and Morgan Price Circle of Health Based Access Control for Personal Health Information Systems

* Letitia Li, Florian Lugou, and Ludovic Apvrille Security Modeling for Embedded System Design

* Brian Ruttenberg, Dave Blumstein, Jeff Druce, Michael Howard, Fred Reed, Leslie Wilfong, Crystal Lister, Steve Gaskin, Meaghan Foley, and Dan Scofield Probabilistic Modeling of Insider Threat Detection Systems

GENERAL CHAIR Sjouke Mauw, University of Luxembourg, Luxembourg

PROGRAM COMMITTEE CO-CHAIRS Ketil Stølen, SINTEF Digital and University of Oslo, Norway Peng Liu, Pennsylvania State University, USA

CONTACT For inquiries please send an e-mail to gramsec17@easychair.org