1. Abercrombie RK, Sheldon FT, Mili A (2008) Synopsis of evaluating security controls based on key performance indicators and stakeholder mission value. In: 11th IEEE high assurance systems engineering symposium (HASE ‘08), Nanjing, China, pp 479–482

2. Sheldon FT, Abercrombie RK, Mili A (2009) Methodology for evaluating security controls based on key performance indicators and stakeholder mission. In: Proceedings of 42nd annual Hawaii international conference on system sciences (HICSS-42), Waikoloa, HI, p 10

3. Abercrombie RK, Sheldon FT, Mili A (2009) Managing complex IT security process with valued based measures. In: 2009 IEEE symposium on computational intelligence in cyber security (CICS 2009), Nashville, TN, p 7

4. Firesmith D (2004) Specifying reusable security requirements. J Object Technol 3(1): 61–75

5. Rocha SVd, Abdelouahab Z, Freire E (2005) Requirement elicitation based on goals with security and privacy policies in electronic commerce. In: Anais do WER05—workshop em Engenharia de Requisitos, Porto, Portugal, pp 63–74