The thesis will be published in a month or two - I will link it here then.
The data that I have is not linked to specific issues that I can link to on this board. It’s a list of approx. 300 security requirements in which DHIS2 either passes or fails. I could publish that data, but I’d need to consider how to present it.