This book constitutes the refereed proceedings from the Third International Workshop on Graphical Models for Security, GraMSec 2016, held in Lisbon, Portugal, in June 2016.
The 9 papers presented in this volume were carefully reviewed and selected from 23 submissions. The volume also contains the invited talk by Xinming Ou. GraMSec contributes to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage.

A Bottom-up Approach to Applying Graphical Models in Security Analysis.- On the Soundness of Attack Trees.- The Right Tool for the Job: a Case for Common Input Scenarios for Security Assessment.- Differential Privacy Analysis of Data Processing Workflows.- Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees.- Enterprise Architecture-Based Risk and Security Modelling and Analysis.- From A to Z: Developing a Visual Vocabulary for Information Security Threat Visualisation.- Quantitative Attack Tree Analysis: Stochastic Bounds and Numerical Analysis.- Survivability Analysis of a Computer System under an Advanced Persistent Threat Attack.- Confining Adversary Actions via Measurement.