{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T16:11:00Z","timestamp":1772554260354,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642272127","type":"print"},{"value":"9783642272134","type":"electronic"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-27213-4_11","type":"book-chapter","created":{"date-parts":[[2012,1,11]],"date-time":"2012-01-11T19:55:51Z","timestamp":1326311751000},"page":"159-180","source":"Crossref","is-referenced-by-count":31,"title":["Integrating Manual and Automatic Risk Assessment for Risk-Based Testing"],"prefix":"10.1007","author":[{"given":"Michael","family":"Felderer","sequence":"first","affiliation":[]},{"given":"Christian","family":"Haisjackl","sequence":"additional","affiliation":[]},{"given":"Ruth","family":"Breu","sequence":"additional","affiliation":[]},{"given":"Johannes","family":"Motz","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"11_CR1","unstructured":"Merriam-Webster: Merriam-Webster Online Dictionary (2009), \n                    \n                      http:\/\/www.merriam-webster.com\/dictionary\/clear\n                    \n                    \n                   (accessed: July 12, 2011)"},{"issue":"3","key":"11_CR2","first-page":"28","volume":"5","author":"J. Bach","year":"2003","unstructured":"Bach, J.: Troubleshooting risk-based testing. Software Testing and Quality Engineering\u00a05(3), 28\u201333 (2003)","journal-title":"Software Testing and Quality Engineering"},{"issue":"2","key":"11_CR3","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1109\/32.841112","volume":"26","author":"J. Ropponen","year":"2000","unstructured":"Ropponen, J., Lyytinen, K.: Components of software development risk: How to address them? a project manager survey. IEEE Transactions on Software Engineering\u00a026(2), 98\u2013112 (2000)","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"3","key":"11_CR4","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1016\/S0164-1212(00)00017-0","volume":"53","author":"S. Pfleeger","year":"2000","unstructured":"Pfleeger, S.: Risky business: what we have yet to learn about risk management. Journal of Systems and Software\u00a053(3), 265\u2013273 (2000)","journal-title":"Journal of Systems and Software"},{"issue":"5","key":"11_CR5","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/2.59","volume":"21","author":"B. Boehm","year":"1988","unstructured":"Boehm, B.: A spiral model of software development and enhancement. Computer\u00a021(5), 61\u201372 (1988)","journal-title":"Computer"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Kontio, J.: Risk management in software development: a technology overview and the riskit method. In: Proceedings of the 21st International Conference on Software Engineering, pp. 679\u2013680. ACM (1999)","DOI":"10.1145\/302405.302954"},{"key":"11_CR7","volume-title":"Software Engineering Risk Management: A Just-in-Time Approach","author":"D. Karolak","year":"1995","unstructured":"Karolak, D., Karolak, N.: Software Engineering Risk Management: A Just-in-Time Approach. IEEE Computer Society Press, Los Alamitos (1995)"},{"issue":"3","key":"11_CR8","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1016\/S0164-1212(00)00019-4","volume":"53","author":"S. Amland","year":"2000","unstructured":"Amland, S.: Risk-based testing: Risk analysis fundamentals and metrics for software testing including a financial application case study. Journal of Systems and Software\u00a053(3), 287\u2013295 (2000)","journal-title":"Journal of Systems and Software"},{"key":"11_CR9","first-page":"99","volume":"11","author":"J. Bach","year":"1999","unstructured":"Bach, J.: Heuristic risk-based testing. Software Testing and Quality Engineering Magazine\u00a011, 99 (1999)","journal-title":"Software Testing and Quality Engineering Magazine"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Carr, M., Konda, S., Monarch, I., Ulrich, F., Walker, C.: Taxonomy-based risk identification. Carnegie-Mellon University of Pittsburgh (1993)","DOI":"10.21236\/ADA266992"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Stallbaum, H., Metzger, A., Pohl, K.: An automated technique for risk-based test case generation and prioritization. In: Proceedings of the 3rd International Workshop on Automation of software Test. ACM (2008)","DOI":"10.1145\/1370042.1370057"},{"key":"11_CR12","unstructured":"Stallbaum, H., Metzger, A.: Employing Requirements Metrics for Automating Early Risk Assessment. In: Proc. of MeReP 2007, Palma de Mallorca, Spain, pp. 1\u201312 (2007)"},{"key":"11_CR13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-12323-8","volume-title":"Model-driven Risk Analysis","author":"M.S. Lund","year":"2011","unstructured":"Lund, M.S., Solhaug, B., Stolen, K.: Model-driven Risk Analysis. Springer, Heidelberg (2011)"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Lee, W., Grosh, D., Tillman, F.: Fault tree analysis, methods, and applications - a review. IEEE Transactions on Reliability (1985)","DOI":"10.1109\/TR.1985.5222114"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/11734727_17","volume-title":"Information Security and Cryptology - ICISC 2005","author":"S. Mauw","year":"2006","unstructured":"Mauw, S., Oostdijk, M.: Foundations of Attack Trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol.\u00a03935, pp. 186\u2013198. Springer, Heidelberg (2006)"},{"issue":"1","key":"11_CR16","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1109\/MS.2003.1159030","volume":"20","author":"I. Alexander","year":"2003","unstructured":"Alexander, I.: Misuse cases: Use cases with hostile intent. IEEE Software\u00a020(1), 58\u201366 (2003)","journal-title":"IEEE Software"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/11962977_5","volume-title":"Critical Information Infrastructures Security","author":"Y. Asnar","year":"2006","unstructured":"Asnar, Y., Giorgini, P.: Modelling Risk and Identifying Countermeasure in Organizations. In: L\u00f3pez, J. (ed.) CRITIS 2006. LNCS, vol.\u00a04347, pp. 55\u201366. Springer, Heidelberg (2006)"},{"key":"11_CR18","unstructured":"McCall, J., Richards, P.K., Walters, G.F.: Factors in software quality. Technical report, NTIS, Vol 1, 2 and 3 (1997)"},{"key":"11_CR19","doi-asserted-by":"crossref","unstructured":"Haimes, Y.Y.: Risk Modeling, Assessment, and Management. Wiley (2004)","DOI":"10.1002\/0471723908"},{"key":"11_CR20","doi-asserted-by":"crossref","unstructured":"Nagappan, N., Ball, T., Zeller, A.: Mining metrics to predict component failures. In: Proceedings of the 28th International Conference on Software Engineering. ACM (2006)","DOI":"10.1145\/1134285.1134349"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Illes-Seifert, T., Paech, B.: Exploring the relationship of a file\u2019s history and its fault-proneness: An empirical method and its application to open source programs. Information and Software Technology\u00a052(5) (2010)","DOI":"10.1016\/j.infsof.2009.11.010"},{"key":"11_CR22","doi-asserted-by":"crossref","unstructured":"McCabe, T.: A complexity measure. IEEE Transactions on software Engineering, 308\u2013320 (1976)","DOI":"10.1109\/TSE.1976.233837"},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Jiang, Y., Cuki, B., Menzies, T., Bartlow, N.: Comparing design and code metrics for software quality prediction. In: Proceedings of the 4th International Workshop on Predictor Models in Software Engineering, pp. 11\u201318. ACM (2008)","DOI":"10.1145\/1370788.1370793"},{"key":"11_CR24","unstructured":"NIST: National Vulnerability Database, \n                    \n                      http:\/\/nvd.nist.gov\/\n                    \n                    \n                   (accessed: July 12, 2011)"},{"key":"11_CR25","unstructured":"The Open Source Vulnerability Database, \n                    \n                      http:\/\/osvdb.org\/\n                    \n                    \n                   (accessed: July 12, 2011)"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Frei, S., May, M., Fiedler, U., Plattner, B.: Large-scale vulnerability analysis. In: Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense, pp. 131\u2013138. ACM (2006)","DOI":"10.1145\/1162666.1162671"},{"issue":"6","key":"11_CR27","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1109\/MSP.2006.145","volume":"4","author":"P. Mell","year":"2006","unstructured":"Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. IEEE Security & Privacy\u00a04(6), 85\u201389 (2006)","journal-title":"IEEE Security & Privacy"},{"key":"11_CR28","unstructured":"Spillner, A., Linz, T., Rossner, T., Winter, M.: Software Testing Practice: Test Management. Dpunkt (2007)"},{"key":"11_CR29","unstructured":"van Veenendaal, E.: Practical risk\u2013based testing, product risk management: the prisma method. Technical report, Improve Quality Services BV (2009)"},{"key":"11_CR30","unstructured":"CAST, \n                    \n                      http:\/\/www.castsoftware.com\/\n                    \n                    \n                   (accessed: July 12, 2011)"},{"key":"11_CR31","unstructured":"Understand, \n                    \n                      http:\/\/www.scitools.com\/\n                    \n                    \n                   (accessed: July 12, 2011)"},{"key":"11_CR32","unstructured":"Sonar, \n                    \n                      http:\/\/www.sonarsource.org\/\n                    \n                    \n                   (accessed: July 12, 2011)"},{"key":"11_CR33","unstructured":"iPlasma, \n                    \n                      http:\/\/loose.upt.ro\/iplasma\/index.html\n                    \n                    \n                   (accessed: July 12, 2011)"},{"issue":"14","key":"11_CR34","doi-asserted-by":"publisher","first-page":"801","DOI":"10.1016\/S0950-5849(98)00098-6","volume":"40","author":"M. Zhao","year":"1998","unstructured":"Zhao, M., Ohlsson, N., Wohlin, C., Xie, M.: A comparison between software design and code metrics for the prediction of software fault content. Information and Software Technology\u00a040(14), 801\u2013810 (1998)","journal-title":"Information and Software Technology"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Nagappan, N., Ball, T.: Static analysis tools as early indicators of pre-release defect density. In: Proceedings of the 27th International Conference on Software Engineering, pp. 580\u2013586. ACM (2005)","DOI":"10.1145\/1062455.1062558"}],"container-title":["Lecture Notes in Business Information Processing","Software Quality. Process Automation in Software Development"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-27213-4_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T19:01:51Z","timestamp":1558378911000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-27213-4_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642272127","9783642272134"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-27213-4_11","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"value":"1865-1348","type":"print"},{"value":"1865-1356","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012]]}}}