{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T09:51:58Z","timestamp":1761126718265},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319642178"},{"type":"electronic","value":"9783319642185"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-64218-5_1","type":"book-chapter","created":{"date-parts":[[2017,8,11]],"date-time":"2017-08-11T07:44:03Z","timestamp":1502437443000},"page":"3-14","source":"Crossref","is-referenced-by-count":3,"title":["Towards the Integration of Security Practices in the Software Implementation Process of ISO\/IEC 29110: A Mapping"],"prefix":"10.1007","author":[{"given":"Mary-Luz","family":"S\u00e1nchez-Gord\u00f3n","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ricardo","family":"Colomo-Palacios","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alex","family":"S\u00e1nchez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antonio","family":"de Amescua Seco","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xabier","family":"Larrucea","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,8,12]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"O\u2019Connor, R.V., Colomo-Palacios, R.: Security awareness in the software arena. In: Engemann, K. (ed.) Routledge Companion to Risk, Crisis and Security in Business. Routledge (2017)","DOI":"10.4324\/9781315629520-16"},{"key":"1_CR2","doi-asserted-by":"crossref","first-page":"1785","DOI":"10.1016\/j.compeleceng.2012.08.008","volume":"38","author":"P Salini","year":"2012","unstructured":"Salini, P., Kanmani, S.: Survey and analysis on security requirements engineering. Comput. Electr. Eng. 38, 1785\u20131797 (2012)","journal-title":"Comput. Electr. Eng."},{"key":"1_CR3","doi-asserted-by":"crossref","first-page":"544","DOI":"10.1002\/wics.106","volume":"2","author":"D Gollmann","year":"2010","unstructured":"Gollmann, D.: Computer security. Wiley Interdiscip. Rev. Comput. Stat. 2, 544\u2013554 (2010)","journal-title":"Wiley Interdiscip. Rev. Comput. Stat."},{"key":"1_CR4","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1145\/2184319.2184330","volume":"55","author":"SL Garfinkel","year":"2012","unstructured":"Garfinkel, S.L.: The cybersecurity risk. Commun. ACM 55, 29\u201332 (2012)","journal-title":"Commun. ACM"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Heffley, J., Meunier, P.: Can source code auditing software identify common vulnerabilities and be used to evaluate software security? In: 37th Annual Hawaii International Conference on System Sciences, pp. 1\u201310 (2004)","DOI":"10.1109\/HICSS.2004.1265654"},{"key":"1_CR6","unstructured":"Suby, M., Dickson, F.: Global Information Security Workforce Study. Frost & Sullivan (2015)"},{"key":"1_CR7","unstructured":"Ponemon Institute LLC: 2016 Cost of Data Breach Study: Global Analysis (2016)"},{"key":"1_CR8","unstructured":"Gartner Says Worldwide Information Security Spending Will Grow 7.9 Percent to Reach $81.6 Billion in 2016. http:\/\/www.gartner.com\/newsroom\/id\/3404817"},{"key":"1_CR9","unstructured":"Allen, J.H., Barnum, S., Ellison, R.J., McGraw, G., Mead, N.R.: Software Security Engineering: A Guide for Project Managers. Addison-Wesley Professional, Boston (2008)"},{"key":"1_CR10","unstructured":"Mano, P.: Official (ISC)2 Guide to the CSSLP. CRC Press, Boca Raton (2015)"},{"key":"1_CR11","unstructured":"Daud, M.I.: Secure Software Development Model: A Guide for Secure Software Life Cycle. Presented at the Proceedings of the International MutiConference on Engineers and Computer Scientists (IMECS), Hong Kong (2010)"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"McGraw, G.: Software Security: Building Security. Addison-Wesley Professional, Boston (2006)","DOI":"10.1109\/ISSRE.2006.43"},{"key":"1_CR13","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1109\/MSP.2011.40","volume":"9","author":"B Chess","year":"2011","unstructured":"Chess, B., Arkin, B.: Software security in practice. IEEE Secur. Priv. 9, 89\u201392 (2011)","journal-title":"IEEE Secur. Priv."},{"key":"1_CR14","doi-asserted-by":"crossref","first-page":"84","DOI":"10.1109\/MC.2016.242","volume":"49","author":"CY Laporte","year":"2016","unstructured":"Laporte, C.Y., O\u2019Connor, R.V.: Systems and software engineering standards for very small entities: accomplishments and overview. Computer 49, 84\u201387 (2016)","journal-title":"Computer"},{"key":"1_CR15","unstructured":"S\u00e1nchez-Gord\u00f3n, M.-L., O\u2019Connor, R.V.: Understanding the gap between software process practices and actual practice in very small companies. Softw. Qual. J. 24, 549\u2013570 (2015)"},{"key":"1_CR16","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/978-3-319-19860-6_10","volume-title":"Software Process Improvement and Capability Determination","author":"M-L Sanchez-Gordon","year":"2015","unstructured":"Sanchez-Gordon, M.-L., O\u2019Connor, R.V., Colomo-Palacios, R.: Evaluating VSEs viewpoint and sentiment towards the ISO\/IEC 29110 standard: a two country grounded theory study. In: Rout, T., O\u2019Connor, Rory V., Dorling, A. (eds.) SPICE 2015. CCIS, vol. 526, pp. 114\u2013127. Springer, Cham (2015). doi: 10.1007\/978-3-319-19860-6_10"},{"issue":"1","key":"1_CR17","first-page":"38","volume":"9","author":"M Grover","year":"2016","unstructured":"Grover, M., Durham, N.C., Cummings, J., Janicki, T.: Moving beyond coding: why secure coding should be implemented. J. Inf. Syst. Appl. Res. 9(1), 38\u201346 (2016)","journal-title":"J. Inf. Syst. Appl. Res."},{"key":"1_CR18","unstructured":"O\u2019Connor, R.V., Laporte, C.Y.: The evolution of the ISO\/IEC 29110 set of standards and guides. Int. J. Inf. Technol. Syst. Approach IJITSA 10, 1\u201321 (2017)"},{"key":"1_CR19","unstructured":"ISO: Software engineering \u2013 Lifecycle profiles for Very Small Entities (VSEs) Part 5-1-2: Management and engineering guide: Generic profile group: Basic Profile, Geneva (2011)"},{"key":"1_CR20","doi-asserted-by":"crossref","first-page":"309","DOI":"10.1007\/s11219-011-9154-7","volume":"20","author":"MT Baldassarre","year":"2011","unstructured":"Baldassarre, M.T., Caivano, D., Pino, F.J., Piattini, M., Visaggio, G.: Harmonization of ISO\/IEC 9001:2000 and CMMI-DEV: from a theoretical comparison to a real case application. Softw. Qual. J. 20, 309\u2013335 (2011)","journal-title":"Softw. Qual. J."},{"key":"1_CR21","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"234","DOI":"10.1007\/978-3-319-44817-6_19","volume-title":"Systems, Software and Services Process Improvement","author":"M-L Sanchez-Gord\u00f3n","year":"2016","unstructured":"Sanchez-Gord\u00f3n, M.-L., Colomo-Palacios, R., Herranz, E.: Gamification and human factors in quality management systems: mapping from octalysis framework to ISO 10018. In: Kreiner, C., O\u2019Connor, Rory V., Poth, A., Messnarz, R. (eds.) EuroSPI 2016. CCIS, vol. 633, pp. 234\u2013241. Springer, Cham (2016). doi: 10.1007\/978-3-319-44817-6_19"},{"key":"1_CR22","unstructured":"Haralambos, M., Giorgini, P.: Integrating Security and Software Engineering: Advances and Future Visions: Advances and Future Visions. Idea Group Inc (IGI) (2006)"}],"container-title":["Communications in Computer and Information Science","Systems, Software and Services Process Improvement"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-64218-5_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,2]],"date-time":"2019-10-02T08:03:32Z","timestamp":1570003412000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-64218-5_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319642178","9783319642185"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-64218-5_1","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2017]]}}}