D. Dolev and A. C. Yao, On the security of public key protocols, 22nd Annual Symposium on Foundations of Computer Science, SFCS '81, pp.350-357, 1981.

B. Drouot and J. Champeau, Model federation based on role modeling, 7th International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2019, pp.72-83, 2019.
URL : https://hal.archives-ouvertes.fr/hal-02123046

M. Farrell, M. Bradbury, M. Fisher, L. Dennis, C. Dixon et al., Using Threat Analysis Techniques to Guide Formal Verification: A Case Study of Cooperative Awareness Messages, pp.471-490, 2019.

F. R. Golra, A. Beugnard, F. Dagnat, S. Guerin, and C. Guychard, Addressing modularity for heterogeneous multi-model systems using model federation, Companion Proceedings of the 15th International Conference on Modularity, MODULARITY Companion, pp.206-211, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01298547

S. Jajodia, A. K. Ghosh, V. Swarup, C. Wang, and X. S. Wang, Moving target defense: creating asymmetric uncertainty for cyber threats, vol.54, 2011.

R. Khan, K. Mclaughlin, D. Laverty, and S. Sezer, STRIDE-based threat modeling for cyberphysical systems, 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), pp.1-6, 2017.

L. Kohnfelder and P. Garg, The threats to our products. Microsoft Interface, Microsoft Corporation, p.33, 1999.

J. Lee, B. Bagheri, and H. Kao, A cyberphysical systems architecture for industry 4.0-based manufacturing systems, Manufacturing letters, vol.3, pp.18-23, 2015.

P. K. Manadhata and J. M. Wing, An attack surface metric, IEEE Transactions on Software Engineering, vol.37, issue.3, pp.371-386, 2011.

E. Peterson, Dagger: Modeling and visualization for mission impact situation awareness, MILCOM 2016-2016 IEEE Military Communications Conference, pp.25-30, 2016.

M. Rocchetto and N. O. Tippenhauer, CPDY: Extending the Dolev-Yao attacker with physical-layer interactions, Lecture Notes in Computer Science, pp.175-192, 2016.

P. Schaller, B. Schmidt, D. Basin, and S. Capkun, Modeling and verifying physical properties of security protocols for wireless networks, 22nd IEEE Computer Security Foundations Symposium, pp.109-123, 2009.

M. Siponen and R. Willison, Information security management standards: Problems and solutions, formation & Management, vol.46, pp.267-270, 2009.

D. Steinmetzer, M. Schulz, and M. Hollick, Lockpicking physical layer key exchange: Weak adversary models invite the thief, 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WiSec '15, vol.1, pp.1-1, 2015.

C. Theisen, N. Munaiah, M. Al-zyoud, J. C. Carver, A. Meneely et al., Attack surface definitions: A systematic literature review, Information and Software Technology, vol.104, pp.94-103, 2018.

J. Xu, P. Guo, M. Zhao, R. F. Erbacher, M. Zhu et al., Comparing different moving target defense techniques, First ACM Workshop on Moving Target Defense, pp.97-107, 2014.

R. Zhuang, S. A. Deloach, and X. Ou, Towards a theory of moving target defense, First ACM Workshop on Moving Target Defense, pp.31-40, 2014.