{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:58:19Z","timestamp":1740099499537,"version":"3.37.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030312381"},{"type":"electronic","value":"9783030312398"}],"license":[{"start":{"date-parts":[[2019,9,25]],"date-time":"2019-09-25T00:00:00Z","timestamp":1569369600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-31239-8_20","type":"book-chapter","created":{"date-parts":[[2019,9,24]],"date-time":"2019-09-24T10:03:26Z","timestamp":1569319406000},"page":"264-277","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Cybersecurity Framework Requirements to Quantify Vulnerabilities Based on GQM"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2471-9760","authenticated-orcid":false,"given":"Mohammad","family":"Shojaeshafiei","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Letha","family":"Etzkorn","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Anderson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,9,25]]},"reference":[{"key":"20_CR1","unstructured":"Target and Neiman Marcus hacks: The latest. CNNMoney. https:\/\/money.cnn.com\/2014\/01\/13\/news\/target-neiman-marcus-hack\/index.html . Accessed 11 Feb 2019"},{"key":"20_CR2","unstructured":"Symantic Inc.: Symantec Global Internet Security Threat Report Trends for 2009. Symantec Global Internet Security Threat Report, vol. XV, p. 7 (2010)"},{"issue":"10","key":"20_CR3","doi-asserted-by":"publisher","first-page":"1462","DOI":"10.1109\/32.6191","volume":"14","author":"BW Boehm","year":"1988","unstructured":"Boehm, B.W., Papaccio, P.N.: Understanding and controlling software costs. IEEE Trans. Softw. Eng. 14(10), 1462\u20131477 (1988)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"3","key":"20_CR4","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/MS.2001.922718","volume":"18","author":"S McConnell","year":"2001","unstructured":"McConnell, S.: From the editor - an ounce of prevention. IEEE Softw. 18(3), 5\u20137 (2001)","journal-title":"IEEE Softw."},{"issue":"6","key":"20_CR5","doi-asserted-by":"publisher","first-page":"484","DOI":"10.1109\/32.852739","volume":"26","author":"MG Mendonca","year":"2000","unstructured":"Mendonca, M.G., Basili, V.R.: Validation of an approach for improving existing measurement frameworks. IEEE Trans. Softw. Eng. 26(6), 484\u2013499 (2000). https:\/\/doi.org\/10.1109\/32.852739","journal-title":"IEEE Trans. Softw. Eng."},{"key":"20_CR6","doi-asserted-by":"crossref","unstructured":"Basili, V.R., Green, S.: Software process evolution at the SEL. In: Foundations of Empirical Software Engineering, pp. 142\u2013154 (1994)","DOI":"10.1007\/3-540-27662-9_11"},{"issue":"11\u201312","key":"20_CR7","doi-asserted-by":"publisher","first-page":"701","DOI":"10.1016\/0950-5849(93)90091-G","volume":"35","author":"M Shepperd","year":"1993","unstructured":"Shepperd, M.: Practical software metrics for project management and process improvement. Inf. Softw. Technol. 35(11\u201312), 701 (1993)","journal-title":"Inf. Softw. Technol."},{"key":"20_CR8","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-319-54380-2_10","volume-title":"Enterprise Security","author":"Fara Yahya","year":"2017","unstructured":"Yahya, F., Walters, R.J., Wills, G.B.: Using goal-question-metric (GQM) approach to assess security in cloud storage. In: Enterprise Security Lecture Notes in Computer Science, pp. 223\u2013240 (2017)"},{"key":"20_CR9","first-page":"211","volume":"1","author":"A Abdulrazeg","year":"2012","unstructured":"Abdulrazeg, A.: Security measurement based on GQM to improve application security during requirements stage. Int. J. Cyber Secur. Dig. Forensics JCSDF 1, 211\u2013220 (2012)","journal-title":"Int. J. Cyber Secur. Dig. Forensics JCSDF"},{"key":"20_CR10","unstructured":"International Organization for Standardization. Developing standards, 10 January 2019. http:\/\/www.iso.org\/ . Accessed 12 Feb 2019"},{"key":"20_CR11","unstructured":"National Institute of Standards and Technology. NIST, 12 February 2019. http:\/\/www.nist.gov\/ . Accessed 15 Feb 2019"},{"key":"20_CR12","volume-title":"Computer Security: Principles and Practice","author":"W Stallings","year":"2018","unstructured":"Stallings, W., Brown, L.: Computer Security: Principles and Practice. Pearson, London (2018). Chp 14"},{"issue":"1","key":"20_CR13","doi-asserted-by":"publisher","first-page":"55","DOI":"10.3141\/2619-06","volume":"2619","author":"JM Ernst","year":"2017","unstructured":"Ernst, J.M., Michaels, A.J.: Framework for evaluating the severity of cybervulnerability of a traffic cabinet. Transp. Res. Rec.: J. Transp. Res. Board 2619(1), 55\u201363 (2017)","journal-title":"Transp. Res. Rec.: J. Transp. Res. Board"},{"key":"20_CR14","unstructured":"Ghena, B.: Green lights forever: analyzing the security of traffic infrastructure. In: Proceeding of the 8th Workshop on Offensive Technology (WOOT 2014), August 2014"},{"key":"20_CR15","unstructured":"Fok, E.: An introduction to cybersecurity issues in modern transportation systems. ITE J. (2013). https:\/\/trid.trb.org\/view\/1257258 . Accessed 22 Oct 2018"},{"key":"20_CR16","unstructured":"Hacking US (and UK, Australia, France, etc.) Traffic Control Systems. IOActive, 15 June 2018. https:\/\/ioactive.com\/hacking-us-and-uk-australia-france-etc\/ . Accessed 22 Oct 2018"},{"key":"20_CR17","doi-asserted-by":"crossref","unstructured":"Chen, Q.A., Yin, Y., Feng, Y., Mao, Z.M., Liu, H.X.: Exposing congestion attack on emerging connected vehicle based traffic signal control. In: Proceedings 2018 Network and Distributed System Security Symposium (2018)","DOI":"10.14722\/ndss.2018.23222"},{"key":"20_CR18","unstructured":"Comprehensive Experimental Analyses of Automotive Attack \u2026. http:\/\/www.autosec.org\/pubs\/cars-usenixsec2011.pdf . Accessed 22 Oct 2018"},{"key":"20_CR19","unstructured":"An Emerging US (and World) Threat: Cities Wide Open to \u2026. https:\/\/ioactive.com\/pdfs\/IOActive_HackingCitiesPaper_CesarCerrudo.pdf . Accessed 22 Oct 2018"},{"issue":"1","key":"20_CR20","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1049\/iet-cps.2016.0017","volume":"1","author":"Z Li","year":"2016","unstructured":"Li, Z., Jin, D., Hannon, C., Shahidehpour, M., Wang, J.: Assessing and mitigating cybersecurity risks of traffic light systems in smart cities. IET Cyber-Phys. Syst.: Theory Appl. 1(1), 60\u201369 (2016)","journal-title":"IET Cyber-Phys. Syst.: Theory Appl."},{"key":"20_CR21","unstructured":"Cyber Risk and Insurance for Transportation Infrastructure. https:\/\/web-oup.s3-us-gov-west-1.amazonaws.com\/showc\/assets\/File\/CIRI_Tonn_Cyber%20%Risk%20%Insurance%20%for%20%Transportation%20%Infrastructure.pdf . Accessed 22 Oct 2018"},{"key":"20_CR22","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1016\/j.trb.2016.05.017","volume":"91","author":"J Reilly","year":"2016","unstructured":"Reilly, J., Martin, S., Payer, M., Bayen, A.M.: Creating complex congestion patterns via multi-objective optimal freeway traffic control with application to cyber-security. Transp. Res. Part B: Methodol. 91, 366\u2013382 (2016)","journal-title":"Transp. Res. Part B: Methodol."},{"key":"20_CR23","doi-asserted-by":"publisher","first-page":"843","DOI":"10.1109\/SURV.2012.060912.00182","volume":"15","author":"Z Xiao","year":"2012","unstructured":"Xiao, Z., Xiao, Y.: Security and privacy in cloud computing. IEEE Commun. Surv. Tutor. 15, 843\u2013859 (2012)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"20_CR24","unstructured":"Computer Security and Intrusion Detection. Intrusion Detection and Correlation Advances in Information Security, vol. 14, pp. 9\u201328. Springer, Boston (2005). (Chapter 2)"},{"key":"20_CR25","unstructured":"Schaen, I., Mckenney, B.: Network auditing: issues and recommendations. In: Proceedings Seventh Annual Computer Security Applications Conference. Data Centers: Best Practices for Security and Performance. http:\/\/www.echomountain.com\/pdfs\/CiscoBestPractices.pdf . Accessed 15 Feb 2019"},{"issue":"10","key":"20_CR26","doi-asserted-by":"publisher","first-page":"886","DOI":"10.1109\/32.163605","volume":"18","author":"M Oivo","year":"1992","unstructured":"Oivo, M., Basili, V.: Representing software engineering models: the TAME goal oriented approach. IEEE Trans. Softw. Eng. 18(10), 886\u2013898 (1992)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"20_CR27","unstructured":"Ahl, V.: An experimental comparison of five prioritization methods. Master\u2019s thesis, School of Engineering, Blekinge Institute of Technology, Ronneby, Sweden (2005)"},{"issue":"1","key":"20_CR28","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","volume":"15","author":"B Fabian","year":"2010","unstructured":"Fabian, B., Gurses, S., Heisel, M., Santen, T., Schmidt, H.: A comparison of security requirements engineering methods. Requirements Eng. 15(1), 7\u201340 (2010)","journal-title":"Requirements Eng."}],"container-title":["Advances in Intelligent Systems and Computing","National Cyber Summit (NCS) Research Track"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-31239-8_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,22]],"date-time":"2021-01-22T16:40:29Z","timestamp":1611333629000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-31239-8_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9,25]]},"ISBN":["9783030312381","9783030312398"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-31239-8_20","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2019,9,25]]},"assertion":[{"value":"25 September 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"National Cyber Summit","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Huntsville, AL","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ncs2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nationalcybersummit.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}