This book provides a coherent overview of the most important modelling-related security techniques available today, and demonstrates how to combine them. Further, it describes an integrated set of systematic practices that can be used to achieve increased security for software from the outset, and combines practical ways of working with practical ways of distilling, managing, and making security knowledge operational.
The book addresses three main topics: (1) security requirements engineering, including security risk management, major activities, asset identification, security risk...

This book constitutes the proceedings of the 22nd Nordic Conference on Secure IT Systems, held in Tartu, Estonia, in November 2017.The 18 full papers presented were carefully reviewed and selected from 42 submissions. The papers address a broad range of topics in IT security and privacy.