{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T16:56:27Z","timestamp":1758819387687},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642221699"},{"type":"electronic","value":"9783642221705"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22170-5_2","type":"book-chapter","created":{"date-parts":[[2011,6,28]],"date-time":"2011-06-28T00:25:13Z","timestamp":1309220713000},"page":"16-30","source":"Crossref","is-referenced-by-count":2,"title":["Towards Incorporation of Software Security Testing Framework in Software Development"],"prefix":"10.1007","author":[{"given":"Nor Hafeizah","family":"Hassan","sequence":"first","affiliation":[]},{"given":"Siti Rahayu","family":"Selamat","sequence":"additional","affiliation":[]},{"given":"Shahrin","family":"Sahib","sequence":"additional","affiliation":[]},{"given":"Burairah","family":"Hussin","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"4","key":"2_CR1","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1109\/MSECP.2003.1219078","volume":"1","author":"H.H. Thompson","year":"2003","unstructured":"Thompson, H.H.: Why Security Testing Is Hard. J. Security & Privacy\u00a01(4), 83\u201386 (2003)","journal-title":"J. Security & Privacy"},{"issue":"3-4","key":"2_CR2","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1016\/j.cose.2008.04.002","volume":"27","author":"H.S. Venter","year":"2008","unstructured":"Venter, H.S., Eloff, J.H.P., Li, Y.L.: Standardising Vulnerability Categories. J. Computers & Security\u00a027(3-4), 71\u201383 (2008)","journal-title":"J. Computers & Security"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Jiwnani, K., Zelkowitz, M.: Maintaining Software With A Security Perspective. In: International Conference on Software Maintenance, pp. 194\u2013203 (2002)","DOI":"10.1109\/ICSM.2002.1167766"},{"key":"2_CR4","volume-title":"ACM SouthEast Regional Conference","author":"H. Cho","year":"2009","unstructured":"Cho, H.: Using Metaprogramming to Implement a Testing Framework. In: ACM SouthEast Regional Conference. ACM, USA (2009)"},{"issue":"4","key":"2_CR5","first-page":"19","volume":"16","author":"S. Misra","year":"2005","unstructured":"Misra, S.: An Empirical Framework For Choosing An Effective Testing Technique For Software Test Process Management. J. Information Technology Management\u00a016(4), 19\u201326 (2005)","journal-title":"J. Information Technology Management"},{"key":"2_CR6","unstructured":"Royce, W.W.: Managing The Development of Large Software Systems. In: IEEE Western Electronic Show and Convention, pp. 1\u20139 (1970)"},{"key":"2_CR7","unstructured":"Rational Unified Process: Best Practices for Software Development Teams. Rational Software White Paper (2001)"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"Boehm, B., Brown, W., Turner, R.: Spiral Development Of Software-Intensive Systems Of Systems. In: 27th International Conference of Software Engineering (2005)","DOI":"10.1145\/1062455.1062628"},{"issue":"1-2","key":"2_CR9","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1016\/j.jvlc.2004.08.003","volume":"16","author":"A.J. Ko","year":"2005","unstructured":"Ko, A.J., Myers, B.A.: A Framework And Methodology For Studying The Causes Of Software Errors In Programming Systems. J. Visual Languages & Computing\u00a016(1-2), 41\u201384 (2005)","journal-title":"J. Visual Languages & Computing"},{"key":"2_CR10","unstructured":"Mustafa, K., Khan, R.A.: Software Testing: Concepts and Practices. Alpha Science (2007)"},{"issue":"5","key":"2_CR11","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1109\/MSP.2004.84","volume":"2","author":"B. Potter","year":"2004","unstructured":"Potter, B., McGraw, G.: Software Security Testing. J. Security & Privacy\u00a02(5), 81\u201385 (2004)","journal-title":"J. Security & Privacy"},{"issue":"4","key":"2_CR12","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1145\/12944.12948","volume":"11","author":"B. Boehm","year":"1986","unstructured":"Boehm, B.: A Spiral Model of Software Development and Enhancement. ACM SIGSOFT Software Engineering Notes\u00a011(4), 14\u201324 (1986)","journal-title":"ACM SIGSOFT Software Engineering Notes"},{"key":"2_CR13","volume-title":"Systematic Software Testing","author":"R.D. Craig","year":"2002","unstructured":"Craig, R.D., Jaskiel, S.P.: Systematic Software Testing. Artech House Publishers, Boston (2002)"},{"key":"2_CR14","unstructured":"Microsoft Security Development Lifecycle (SDL) Version 5.0, M. Library, Microsoft, http:\/\/msdn.microsoft.com\/en-us\/library\/cc307748.aspx"},{"key":"2_CR15","volume-title":"The Art of Software Testing","author":"G.J. Myers","year":"1979","unstructured":"Myers, G.J.: The Art of Software Testing. Wiley, New York (1979)"},{"key":"2_CR16","first-page":"286","volume-title":"8th IEEE International Conference on Software Testing Verification and Validation Workshop","author":"I.A. Tondel","year":"2008","unstructured":"Tondel, I.A., Jaatun, M.G., Jensen, J.: Learning from Software Security Testing. In: 8th IEEE International Conference on Software Testing Verification and Validation Workshop, pp. 286\u2013294. IEEE Computer Society, Washington (2008)"},{"key":"2_CR17","doi-asserted-by":"crossref","first-page":"736","DOI":"10.1145\/302405.303006","volume-title":"Proceedings of the 21st International Conference on Software Engineering","author":"Y. Pu-Lin","year":"1999","unstructured":"Pu-Lin, Y., Jin-Cherng, L.: Toward Precise Measurements Using Software Normalization. In: Proceedings of the 21st International Conference on Software Engineering, pp. 736\u2013737. ACM, Los Angeles (1999)"},{"key":"2_CR18","first-page":"300","volume-title":"International Conference on Cyberworlds","author":"L. Xu","year":"2004","unstructured":"Xu, L., Xu, B.: A Framework for Web Application Testing. In: International Conference on Cyberworlds, pp. 300\u2013305. IEEE Computer Society, Washington (2004)"},{"key":"2_CR19","first-page":"1","volume-title":"International Conference on Computational Intelligence and Software Engineering","author":"G. Jing","year":"2009","unstructured":"Jing, G., Yuqing, L.: Agent-based Distributed Automated Testing Executing Framework. In: International Conference on Computational Intelligence and Software Engineering, pp. 1\u20135. IEEE Press, Wuhan (2009)"},{"key":"2_CR20","first-page":"159","volume-title":"Proceedings of the IEEE International Workshop","author":"W.T. Tsai","year":"2005","unstructured":"Tsai, W.T., Wei, X., Chen, Y., Paul, R.: A Robust Testing Framework for Verifying Web Services by Completeness and Consistency Analysis. In: Proceedings of the IEEE International Workshop, pp. 159\u2013166. IEEE Computer Society, Washington (2005)"},{"key":"2_CR21","volume-title":"2nd International Workshop on Automation of Software Test","author":"T. Xie","year":"2007","unstructured":"Xie, T., Taneja, K., Kale, S., Marinov, D.: Towards a Framework for Differential Unit Testing of Object-Oriented Programs. In: 2nd International Workshop on Automation of Software Test. IEEE Computer Society, Minneapolis (2007)"},{"key":"2_CR22","first-page":"401","volume":"136","author":"R. Chen","year":"2008","unstructured":"Chen, R., Garde, S., Beale, T., Nystrom, M., Karlsson, D., Klein, G.O., Ahlfedlt, H.: An Archetype-based Testing Framework. J. Studies in Health Technology and Informatic\u00a0136, 401\u2013406 (2008)","journal-title":"J. Studies in Health Technology and Informatic"},{"key":"2_CR23","volume-title":"Symposium on Applied Computing","author":"J. Tang","year":"2010","unstructured":"Tang, J., Lo, E.: A Lightweight Framework For Testing Database Applications. In: Symposium on Applied Computing. ACM, New Zealand (2010)"},{"key":"2_CR24","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1007\/3-540-28554-7_10","volume-title":"Model-Driven Software Development - Research and Practice in Software Engineering","author":"Y. Lin","year":"2005","unstructured":"Lin, Y., Zhang, J., Gray, J.: A Testing Framework for Model Transformations. In: Model-Driven Software Development - Research and Practice in Software Engineering, pp. 219\u2013236. Springer, Heidelberg (2005)"},{"key":"2_CR25","unstructured":"Werner, E., Grabowski, J., Troschutz, S., Zeiss, B.: A TTCN-3-based Web Service Test Framework. In: Software Engineering Workshops, pp. 375\u2013382 (2008)"},{"issue":"4","key":"2_CR26","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1016\/j.cose.2004.09.011","volume":"24","author":"R. Villarroel","year":"2005","unstructured":"Villarroel, R., Fern\u00e1ndez-Medina, E., Piattini, M.: Secure Information Systems Development - A Survey And Comparison. J. Computers & Security\u00a024(4), 308\u2013321 (2005)","journal-title":"J. Computers & Security"},{"issue":"1","key":"2_CR27","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1109\/COMST.2008.4483667","volume":"10","author":"V.M. Igure","year":"2008","unstructured":"Igure, V.M., Williams, R.D.: Taxonomies of Attacks and Vulnerabilities in Computer Systems. J. IEEE Communication Surveys & Tutorials\u00a010(1), 6\u201319 (2008)","journal-title":"J. IEEE Communication Surveys & Tutorials"},{"key":"2_CR28","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1016\/j.jengtecman.2009.03.008","volume":"26","author":"J. Maatta","year":"2009","unstructured":"Maatta, J., Harkonen, J., Jokinen, T., Mottonen, M., Belt, P., Muhos, M., Haapasalo, H.: Managing Testing Activities In Telecommunications: A Case Study. J. Eng. Technol. Manage.\u00a026, 73\u201396 (2009)","journal-title":"J. Eng. Technol. Manage."},{"key":"2_CR29","unstructured":"Lamsweerde, A.v., Brohez, S., Landtsheer, R.D., Janssens, D.: From System Goals to Intruder Anti-Goals: Attack Generation and Resolution for Security Requirements Engineering. In: Requirements for High Assurance Systems, pp. 49\u201356 (2003)"},{"issue":"1","key":"2_CR30","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/1125808.1125810","volume":"15","author":"D. Basin","year":"2006","unstructured":"Basin, D., Doser, J., Lodderstedt, T.: Model Driven Security: From UML Models To Access Control Infrastructures. ACM Transactions on Software Engineering and Methodology (TOSEM)\u00a015(1), 39\u201391 (2006)","journal-title":"ACM Transactions on Software Engineering and Methodology (TOSEM)"},{"key":"2_CR31","series-title":"LNCS","first-page":"175","volume-title":"Proceedings of the 3rd Workshop on Deception, Fraud and Trust in Agent Societies","author":"E. Yu","year":"2001","unstructured":"Yu, E., Liu, L.: Modelling Trust In The i* Strategic Actors Framework. In: Proceedings of the 3rd Workshop on Deception, Fraud and Trust in Agent Societies. LNCS, pp. 175\u2013194. Springer, London (2001)"},{"key":"2_CR32","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1109\/RE.2005.43","volume-title":"13th IEEE International Conference on Requirements Engineering Proceedings","author":"P. Giorgini","year":"2005","unstructured":"Giorgini, P., Massacci, F., Mylopoulus, J., Zannone, N.: Modeling Security Requirements Through Ownership, Permission And Delegation. In: 13th IEEE International Conference on Requirements Engineering Proceedings, pp. 167\u2013176. IEEE Computer Society, USA (2005)"},{"key":"2_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1083200.1083214","volume-title":"Proceedings of the 2005 Workshop On Software Engineering For Secure Systems- Building Trustworthy Applications","author":"N.R. Mead","year":"2005","unstructured":"Mead, N.R., Stehney, T.: Security Quality Requirements Engineering (SQUARE) Methodology. In: Proceedings of the 2005 Workshop On Software Engineering For Secure Systems- Building Trustworthy Applications, pp. 1\u20137. ACM, New York (2005)"},{"issue":"2","key":"2_CR34","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1016\/j.csi.2006.04.002","volume":"29","author":"D. Mellado","year":"2007","unstructured":"Mellado, D., Fern\u00e1ndez-Medina, E., Piattini, M.: A Common Criteria Based Security Requirements Engineering Process For The Development Of Secure Information Systems. Computer Standards & Interfaces\u00a029(2), 244\u2013253 (2007)","journal-title":"Computer Standards & Interfaces"},{"issue":"1","key":"2_CR35","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1109\/TSE.2007.70754","volume":"34","author":"C.B. Haley","year":"2008","unstructured":"Haley, C.B., Laney, R., Moffett, J.D.: Security Requirements Engineering: A Framework for Representation and Analysis. IEEE Transactions on Software Engineering\u00a034(1), 133\u2013155 (2008)","journal-title":"IEEE Transactions on Software Engineering"}],"container-title":["Communications in Computer and Information Science","Software Engineering and Computer Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22170-5_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,27]],"date-time":"2021-11-27T00:08:28Z","timestamp":1637971708000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22170-5_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642221699","9783642221705"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22170-5_2","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2011]]}}}