{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,1]],"date-time":"2025-12-01T11:19:22Z","timestamp":1764587962961,"version":"3.37.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319983844"},{"type":"electronic","value":"9783319983851"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-98385-1_14","type":"book-chapter","created":{"date-parts":[[2018,7,25]],"date-time":"2018-07-25T23:47:49Z","timestamp":1532562469000},"page":"198-212","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Towards the Definition of a Security Incident Response Modelling Language"],"prefix":"10.1007","author":[{"given":"Myrsini","family":"Athinaiou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Theo","family":"Fotis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michalis","family":"Pavlidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Emmanouil","family":"Panaousis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,7,27]]},"reference":[{"issue":"10","key":"14_CR1","doi-asserted-by":"publisher","first-page":"970","DOI":"10.1109\/TSE.2002.1041053","volume":"28","author":"G Antoniol","year":"2002","unstructured":"Antoniol, G., Canfora, G., Casazza, G., De Lucia, A., Merlo, E.: Recovering traceability links between code and documentation. IEEE Trans. Softw. Eng. 28(10), 970\u2013983 (2002)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Bareiss, P., Schutz, D., Priego, R., Marcos, M., Vogel-Heuser, B.: A model-based failure recovery approach for automated production systems combining SysML and industrial standards, pp. 1\u20137. IEEE, September 2016","DOI":"10.1109\/ETFA.2016.7733720"},{"issue":"3","key":"14_CR3","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1061\/(ASCE)1076-0342(2009)15:3(200)","volume":"15","author":"P Chen","year":"2009","unstructured":"Chen, P., Scown, C., Matthews, H.S., Garrett, J.H., Hendrickson, C.: Managing critical infrastructure interdependence through economic input-output methods. J. Infrastruct. Syst. 15(3), 200\u2013210 (2009)","journal-title":"J. Infrastruct. Syst."},{"issue":"1","key":"14_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10506-008-9067-3","volume":"17","author":"L Compagna","year":"2009","unstructured":"Compagna, L., El Khoury, P., Krausov, A., Massacci, F., Zannone, N.: How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns. Artif. Intell. Law 17(1), 1\u201330 (2009)","journal-title":"Artif. Intell. Law"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"Crane, S., Larsen, P., Brunthaler, S., Franz, M.: Booby trapping software, pp. 95\u2013106. ACM Press (2013)","DOI":"10.1145\/2535813.2535824"},{"key":"14_CR6","unstructured":"Filipov, D., Roth, A., Nakashima, E.: Companies struggle to recover after massive cyberattack with ransom demands. The Washington Post, June 2017"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Firesmith, D.G.: Engineering safety and security related requirements for software intensive systems, p. 169. IEEE, May 2007","DOI":"10.1109\/ICSECOMPANION.2007.35"},{"key":"14_CR8","unstructured":"Fox-Brewster, T.: Medical Devices Hit by Ransomware for the First Time in US Hospitals. Forbes, May 2017"},{"issue":"5","key":"14_CR9","doi-asserted-by":"publisher","first-page":"514","DOI":"10.1145\/42411.42414","volume":"31","author":"D Harel","year":"1988","unstructured":"Harel, D.: On visual formalisms. Commun. ACM 31(5), 514\u2013530 (1988)","journal-title":"Commun. ACM"},{"key":"14_CR10","unstructured":"Henley, J., Solon, O.: \u2018Petya\u2019 ransomware attack strikes companies across Europe and US. The Guardian, June 2017"},{"issue":"6","key":"14_CR11","first-page":"816","volume":"18","author":"R Matulevicius","year":"2012","unstructured":"Matulevicius, R., Mouratidis, H., Mayer, N., Dubois, E., Heymans, P.: Syntactic and semantic extensions to secure tropos to support security risk management. J. Univers. Comput. Sci. 18(6), 816\u2013844 (2012)","journal-title":"J. Univers. Comput. Sci."},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Mead, N.R.: Requirements engineering for survivable systems. Technical report CMU\/SEI-2003-TN-013, Carnegie Mellon University, September 2003","DOI":"10.21236\/ADA418410"},{"issue":"4","key":"14_CR13","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1082983.1083214","volume":"30","author":"NR Mead","year":"2005","unstructured":"Mead, N.R., Stehney, T.: Security quality requirements engineering (SQUARE) methodology. ACM SIGSOFT Softw. Eng. Notes 30(4), 1 (2005)","journal-title":"ACM SIGSOFT Softw. Eng. Notes"},{"issue":"2","key":"14_CR14","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1016\/j.csi.2006.04.002","volume":"29","author":"D Mellado","year":"2007","unstructured":"Mellado, D., Fernndez-Medina, E., Piattini, M.: A common criteria based security requirements engineering process for the development of secure information systems. Comput. Stand. Interfaces 29(2), 244\u2013253 (2007)","journal-title":"Comput. Stand. Interfaces"},{"key":"14_CR15","unstructured":"MITRE. Adversarial Tactics, Techniques & Common Knowledge. https:\/\/attack.mitre.org\/wiki\/Main_page . Accessed 30 May 2018"},{"issue":"5","key":"14_CR16","first-page":"1938","volume":"8","author":"S Mohurle","year":"2017","unstructured":"Mohurle, S., Patil, M.: A brief study of WannaCry threat: ransomware attack 2017. Int. J. Adv. Res. Comput. Sci. 8(5), 1938\u20131940 (2017)","journal-title":"Int. J. Adv. Res. Comput. Sci."},{"issue":"6","key":"14_CR17","doi-asserted-by":"publisher","first-page":"756","DOI":"10.1109\/TSE.2009.67","volume":"35","author":"D Moody","year":"2009","unstructured":"Moody, D.: The physics of notations: toward a scientific basis for constructing visual notations in software engineering. IEEE Trans. Softw. Eng. 35(6), 756\u2013779 (2009)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"02","key":"14_CR18","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis, H., Giorgini, P.: Secure tropos: a security-oriented extension of the tropos methodology. Int. J. Softw. Eng. Knowl. Eng. 17(02), 285\u2013309 (2007)","journal-title":"Int. J. Softw. Eng. Knowl. Eng."},{"key":"14_CR19","unstructured":"OASIS. Structured Threat Information Expression. https:\/\/oasis-open.github.io\/cti-documentation\/stix\/intro . Accessed 30 May 2018"},{"key":"14_CR20","unstructured":"National Audit Office. Investigation: WannaCry cyber attack and the NHS. Department of Health Report HC414, National Audit Office, October 2017"},{"key":"14_CR21","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/978-3-642-15037-1_11","volume-title":"Knowledge Management and Acquisition for Smart Systems and Services","author":"SH Othman","year":"2010","unstructured":"Othman, S.H., Beydoun, G.: A disaster management metamodel (DMM) validated. In: Kang, B.-H., Richards, D. (eds.) PKAW 2010. LNCS (LNAI), vol. 6232, pp. 111\u2013125. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15037-1_11"},{"issue":"4","key":"14_CR22","first-page":"333","volume":"10","author":"J Recker","year":"2009","unstructured":"Recker, J., Indulska, M., Rosemann, M., Green, P.: Business process modeling - a comparative analysis. J. Assoc. Inf. Syst. 10(4), 333\u2013363 (2009)","journal-title":"J. Assoc. Inf. Syst."},{"key":"14_CR23","unstructured":"Homeland Security. Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies. Technical report, Department of Homeland Security (DHS) National Cybersecurity, Communications Integration Center (NCCIC) and Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), September 2016"},{"key":"14_CR24","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2004","unstructured":"Sindre, G., Firesmith, D.G., Opdahl, A.L.: A reuse-based approach to determining security requirements. Requir. Eng. 10, 34\u201344 (2004)","journal-title":"Requir. Eng."},{"issue":"1","key":"14_CR25","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requir. Eng. 10(1), 34\u201344 (2005)","journal-title":"Requir. Eng."},{"key":"14_CR26","unstructured":"Hwang, S., Kesselman, C.: Grid workflow: a flexible failure handling framework for the grid, pp. 126\u2013137. IEEE Computer Society (2003)"},{"issue":"4","key":"14_CR27","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1007\/s10270-009-0145-0","volume":"9","author":"S Winkler","year":"2010","unstructured":"Winkler, S., von Pilgrim, J.: A survey of traceability in requirements engineering and model-driven development. Softw. Syst. Model. 9(4), 529\u2013565 (2010)","journal-title":"Softw. Syst. Model."},{"key":"14_CR28","doi-asserted-by":"crossref","unstructured":"Yu, E., Liu, L., Mylopoulos, J.: A social ontology for integrating security and software engineering. In: Integrating Security and Software Engineering: Advances and Future Visions, pp. 70\u2013106 (2007)","DOI":"10.4018\/978-1-59904-147-6.ch004"},{"issue":"3","key":"14_CR29","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1111\/j.0011-7315.2004.02597.x","volume":"35","author":"Z Zhu","year":"2004","unstructured":"Zhu, Z., Sivakumar, K., Parasuraman, A.: A mathematical model of service failure and recovery strategies. Decis. Sci. 35(3), 493\u2013525 (2004)","journal-title":"Decis. Sci."}],"container-title":["Lecture Notes in Computer Science","Trust, Privacy and Security in Digital Business"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-98385-1_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,21]],"date-time":"2019-10-21T04:32:42Z","timestamp":1571632362000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-98385-1_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319983844","9783319983851"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-98385-1_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}