Journal Articles

  1. Quentin Rouland, Brahim Hamid, and Jason Jaskolka. A model-driven formal methods approach to software architectural security vulnerabilities specification and verification. Journal of Systems & Software, 219:112219, January 2025.
  2. Jason Jaskolka, Brahim Hamid, and Sahar Kokaly. Software design trends supporting multi-concern assurance. IEEE Software, 39(4):22–26, July/August 2022.
  3. Quentin Rouland, Brahim Hamid, and Jason Jaskolka. Specification, detection, and treatment of STRIDE threats for software components: Modeling, formal methods, and tool support. Journal of Systems Architecture, 117:102073, August 2021.
  4. Quentin Rouland, Brahim Hamid, and Jason Jaskolka. Formal specification and verification of reusable communication models for distributed systems architecture. Future Generation Computer Systems, 108:178-197, July 2020.
  5. Maxime Buyse and Jason Jaskolka. Communicating concurrent Kleene algebra for distributed systems specification. Archive of Formal Proofs, p. 22, August 2019.
  6. Jason Jaskolka and John Villasenor. An approach for identifying and analyzing implicit interactions in distributed systems. IEEE Transactions on Reliability, 66(2):529-546, June 2017.
  7. Jason Jaskolka and Ridha Khedri. Mitigating covert channels based on analysis of the potential for communicationTheoretical Computer Science, 643:1–37, August 2016.

Conference Papers

  1. Alvi Jawad, Hala Assal, and Jason Jaskolka. “I’m getting information that I can act on now”: Exploring the level of actionable information in tool-generated threat reports. In Proceedings of the 2024 European Symposium on Usable SecurityEuroUSEC 2024, pages 172-186, Karlstad, Sweden, 2024.
  2. Dylan Léveillé and Jason Jaskolka. A game-theoretic approach for security control selection. In Antonios Achilleos and Andrian Francalanza, editors, Proceedings of the 15th International Symposium on Games, Automata, Logics and Formal Verification, volume 409 of Electronic Proceedings in Theoretical Computer Science, pages 103–119. Open Publishing Association, Reykjavi, Iceland, 2024.
  3. Robin Theveniaut, Brahim Hamid, and Jason Jaskolka. Interplay of human factors and secure architecture design using model-driven engineering. In Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering WorkshopsASEW 2024, pages 108-117, Sacramento, CA, USA, 2024.
  4. Alvi Jawad, Zoe Arnott, and Jason Jaskolka. Requirements for applying SCIA: a structured cyberattack impact analysis approach for ICS. In Proceedings of the 2024 IEEE 24th International Conference on Software Quality, Reliability and SecurityQRS 2024, pages 388-399, Cambridge, UK, 2024. (Winner of the Best Paper Award)
  5. Nilofar Mansourzadeh, Anil Somayaji, and Jason Jaskolka. A fragility metric for software diversity. In Proceedings of the 19th Annual Symposium on Information Assurance, ASIA 2024 , pages 121–129, Albany, NY, USA, 2024.
  6. John Breton, Jason Jaskolka, and George O.M. Yee. Hardening systems against data corruption attacks at design time. In Mohamed Mosbah, Florence Sèdes, Nadia Tawbi, Toufik Ahmed, Nora Boulahia-Cuppens and Joaquin Garcia-Alfaro, editors, Proceedings of the 16th International Symposium on Foundations & Practice of SecurityFPS 2023, volume 14551 of Lecture Notes in Computer Science, pages 391-407, Bordeaux, France, 2024.
  7. Quentin Rouland, Stojanche Gjorcheski, and Jason Jaskolka. A security compliance-by-design framework utilizing reusable formal models. In Proceedings of the 2023 IEEE 23rd International Conference on Software Quality, Reliability, and Security CompanionQRS-C, pages 186–195, Chiang Mai, Thailand, 2023.
  8. Marwa Zeroual, Brahim Hamid, Morayo Adedjouma, and Jason Jaskolka. Formal model-based argument patterns for security cases. In Proceedings of the 28th European Conference on Pattern Languages of Programs, EuroPLoP 2023, pages 1-12, 2023.
  9. James Baak, Quentin Rouland, and Jason Jaskolka. A formal metamodel with composite components. In Mohamed Mosbah, Tahar Kechadi, Ladjel Bellatreche, and Faiez Gargouri, editors, Proceedings of the 12th International Conference on Model and Data EngineeringMEDI 2023, volume 14396 of Lecture Notes in Computer Science, pages 15-29, Sousse, Tunisia, 2023.
  10. Loïc Thierry, Jason Jaskolka, Brahim Hamid, and Jean-Paul Bodeveix. Specification and verification of communication paradigms for CBSE in Event B. In Proceedings of the 27th International Conference on Engineering of Complex Computer SystemsICECSS 2023, pages 157–166, Toulouse, France, 2023.
  11. Alvi Jawad and Jason Jaskolka. Single and combined cyberattack impact on industrial wastewater systems. In Proceedings of the 10th International Conference on Dependable Systems and Their ApplicationsDSA 2023, pages 272–281, Tokyo, Japan, 2023.
  12. Quentin Rouland, Stojanche Gjorcheski, and Jason Jaskolka. Eliciting a security architecture requirements baseline from standards and regulations. In Proceedings of the 2023 IEEE 31st International Requirements Engineering Conference WorkshopsREW, pages 224–229, Hannover, Germany, 2023.
  13. Mohannad Abu Issa, Abdelrahman Eldosouky, Mohamed Ibnkahla, Jason Jaskolka, and Ashraf Matrawy. Integrating medical and wearable devices with e-health systems using horizontal IoT platforms. In Proceedings of the 2023 IEEE Sensors Applications SymposiumSAS, pages 1–6, Ottawa, ON, Canada, 2023.
  14. Marwa Zeroual, Brahim Hamid, Morayo Adedjouma, and Jason Jaskolka. Constructing security cases based on formal verification of security requirements in Alloy. In Jérémie Guiochet, Stefano Tonetta, Erwin Schoitsch, Matthieu Roy, and Friedemann Bitsch, editors, Computer Safety, Reliability, and Security. SAFECOMP 2023 Workshops, volume 14182 of Lecture Notes in Computer Science, pages 15–25, Toulouse, France, 2023.
  15. Quentin Rouland, Brahim Hamid, Jean-Paul Bodeveix, and Jason Jaskolka. Formalizing the relationship between security policies and objectives in software architectures. In Proceedings of the 2023 IEEE 20th International Conference on Software Architecture CompanionICSA-C 2023, pages 151–158, L’Aquila, Italy, 2023.
  16. Sanaa Alwidian and Jason Jaskolka. Understanding the role of human-related factors in security requirements elicitation. In Alessio Ferrari and Birgit Penzenstadler, editors, Proceedings of the 29th International Working Conference on Requirements Engineering: Foundation for Software QualityREFSQ 2023, volume 13975 of Lecture Notes in Computer Science, pages 65-74, Barcelona, Spain, 2023.
  17. Alvi Jawad and Jason Jaskolka. Defense models for data recovery in industrial control systems. In Guy-Vincent Jourdan, Laurent Mounier, Carlisle Adams, Florence Sèdes, and Joaquin Garcia-Alfaro, editors, Proceedings of the 15th International Symposium on Foundations & Practice of SecurityFPS 2022, volume 13877 of Lecture Notes in Computer Science, pages 198-216, Ottawa, ON, Canada, 2023.
  18. Xinrui Zhang and Jason Jaskolka. Conceptualizing the secure machine learning operations (SecMLOps) paradigm. In Proceedings of the 22nd IEEE International Conference on Software Quality, Reliability, and Security, QRS 2022, pages 127-138, 2022.
  19. Marwa Zeroual, Brahim Hamid, Morayo Adedjouma, and Jason Jaskolka. Towards logical specification of adversarial examples in machine learning. In Proceedings of the 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022, pages 1575-1580, 2022.
  20. Jason Jaskolka and Brahim Hamid. Towards the integration of human factors in collaborative decision making for secure architecture design. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, ASE 2022, pages 1-8, Rochester, MI, USA, 2022.
  21. Xinrui Zhang and Jason Jaskolka. Security patterns for machine learning: The data-oriented stages. In Proceedings of the 27th European Conference on Pattern Languages of Programs, EuroPLoP 2022, pages 1-12, 2022.
  22. Sajib Kumar Kuri, Tarim Islam, Jason Jaskolka, and Mohamed Ibnkahla. A threat model and security recommendations for IoT sensors in connected vehicle networks. In Proceedings of the 2022 IEEE 95th Vehicular Technology Conference, VTC-Spring 2022, pages 1-5, Helsinki, Finland, 2022.
  23. Alvi Jawad, Luke Newton, Ashraf Matrawy, and Jason Jaskolka. A formal analysis of the efficacy of rebooting as a countermeasure against IoT botnets. In Proceedings of the 2022 IEEE International Conference on Communications, IEEE ICC 2022, pages 2206-2211, Seoul, South Korea, 2022.
  24. Bohdana Sereda and Jason Jaskolka. An evaluation of IoT security guidance documents: A shared responsibility perspective. In Elhadi Shakshuki and Muhammad Younas, editors, Proceedings of the 13th International Conference on Ambient Systems, Networks and Technologies, volume 201C of Procedia Computer Science, ANT 2022, pages 281-288, Porto, Portugal, 2022.
  25. Alvi Jawad and Jason Jaskolka. Analyzing the impact of cyberattacks on industrial control systems using timed automata. In Proceedings of the 21st IEEE International Conference on Software Quality, Reliability, and Security, QRS 2021, pages 966-977, Hainan Island, China, 2021.
  26. Joe Samuel, Jason Jaskolka, and George O.M. Yee. Analyzing structural security posture to evaluate system design decisions. In Proceedings of the 21st IEEE International Conference on Software Quality, Reliability, and Security, QRS 2021, page 8-17, Hainan Island, China, 2021.
  27. Jason Jaskolka, Brahim Hamid, Alvi Jawad, and Joe Samuel. A secure development decomposition argument pattern for structured assurance case models. In Proceedings of the 28th Conference on Pattern Languages of Programs, PLoP 2021, pages 1-11, 2021.
  28. Jason Jaskolka, Brahim Hamid, Alvi Jawad, and Joe Samuel. A security property decomposition argument pattern for structured assurance case models. In Proceedings of the 26th European Conference on Pattern Languages of Programs, EuroPLoP 2021, pages 1-10, Graz, Austria, 2021.
  29. Luke Newton and Jason Jaskolka. Analyzing implicit interactions to identify weak points in cyber-physical system designs. In Proceedings of the 2021 Resilience Week Symposium, pages 1-8, Salt Lake City, UT, USA, 2021.
  30. Alvi Jawad and Jason Jaskolka. Modeling and simulation approaches for cybersecurity impact analysis: State-of-the-art. In Proceedings of the 2021 Annual Modeling and Simulation Conference, ANNSIM 2021, pages 1–12, Fairfax, VA, USA, 2021.
  31. Joe Samuel, Jason Jaskolka, and George O.M. Yee. Leveraging external data sources to enhance secure system design. In Proceedings of the 2021 Reconciling Data Analytics, Automation, Privacy, and Security: A Big Data Challenge, RDAAPS 2021, pages 1–8, Hamilton, ON, Canada, 2021.
  32. Joe Samuel, Khalil Aalab, and Jason Jaskolka. Evaluating the soundness of security metrics from vulnerability scoring frameworks. In Proceedings of the 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, IEEE TrustCom 2020, pages 442–449, Guangzhou, China, 2020.
  33. Jason Jaskolka. Identifying and analyzing implicit interactions in a wastewater dechlorination system. In Sokratis Katsikas et al., editors, Computer Security. CyberICPS 2020, SECPRE 2020, ADIoT 2020, volume 12501 of Lecture Notes in Computer Science, pages 34–51, Guildford, UK, 2020. Springer, Cham.
  34. Quentin Rouland, Brahim Hamid, and Jason Jaskolka. Reusable formal models for threat specification, detection, and treatment. In Sihem Ben Sassi, Stéphane Ducasse, and Hafedh Mili, editors, Reuse in Emerging Software Engineering Practices, Proceedings of the 19th International Conference on Software and Systems Reuse, ICSR 2020, volume 12541 of Lecture Notes in Computer Science, pages 52–68, Hammamet, Tunisia, December 2020. Springer International Publishing. (Winner of the Best Paper Award)
  35. Thomas Sattolo and Jason Jaskolka. Evaluation of statistical tests for detecting storage-based covert channels. In Marko Hölbl, Kai Rannenberg, and Tatjana Welzer, editors, Proceedings of the 35th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2020, volume 580 of IFIP Advances in Information and Communication Technology, pages 17–31, Maribor, Slovenia, September 2020. Springer, Cham.
  36. Jason Jaskolka. Recommendations for effective security assurance of software-dependent systems. In Kohei Arai, Supriya Kapoor, and Rahul Bhatia, editors, Intelligent Computing, SAI 2020, volume 1230 of Advances in Intelligent Systems and Computing, pages 511–531. London, UK, 2020. Springer, Cham.
  37. Brahim Hamid, Quentin Rouland, and Jason Jaskolka. Distributed maintenance of a spanning tree of k-connected graphs. In Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing, pages 217-226, Kyoto, Japan, December 2019.
  38. Quentin Rouland, Brahim Hamid, and Jason Jaskolka. Formalizing reusable communication models for distributed systems architecture. In El Hassan Abdelwahed, Ladjel Bellatreche, Mattéo Golfarelli, Dominique Méry, and Carlos Ordonez, editors, Proceedings of the 8th International Conference on Model and Data EngineeringMEDI 2018, volume 11163 of Lecture Notes in Computer Science, pages 198-216, Marrakesh, Morocco, October 2018.
  39. Jason Jaskolka. Challenges in assuring security and resilience of advanced metering infrastructure. In Proceedings of the 18th annual IEEE Canada Electrical Power and Energy Conference, EPEC 2018, Toronto, ON, Canada, 2018.
  40. Jason Jaskolka and Ridha Khedri. Towards the certification of covert channel freeness in cloud-based systems. In Elhadi Shakshuki, editor, Proceedings of the 6th International Conference on Ambient Systems, Networks and Technologies, volume 52 of Procedia Computer Science, ANT 2015 and SEIT 2015, pages 318–225, London, UK, June 2015.