{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,17]],"date-time":"2026-04-17T02:46:30Z","timestamp":1776393990146,"version":"3.51.2"},"reference-count":51,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2009,11,17]],"date-time":"2009-11-17T00:00:00Z","timestamp":1258416000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Requirements Eng"],"published-print":{"date-parts":[[2010,3]]},"DOI":"10.1007\/s00766-009-0090-z","type":"journal-article","created":{"date-parts":[[2009,11,16]],"date-time":"2009-11-16T17:32:17Z","timestamp":1258392737000},"page":"41-62","source":"Crossref","is-referenced-by-count":78,"title":["A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities"],"prefix":"10.1007","volume":"15","author":[{"given":"Golnaz","family":"Elahi","sequence":"first","affiliation":[]},{"given":"Eric","family":"Yu","sequence":"additional","affiliation":[]},{"given":"Nicola","family":"Zannone","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2009,11,17]]},"reference":[{"key":"90_CR1","volume-title":"Security engineering: a guide to building dependable distributed systems","author":"R Anderson","year":"2001","unstructured":"Anderson R (2001) Security engineering: a guide to building dependable distributed systems. Wiley, London"},{"key":"90_CR2","unstructured":"IBM Global Technology Services (2008) IBM internet security systems X-force 2007 trend statistics"},{"key":"90_CR3","unstructured":"National Vulnerability Database. http:\/\/www.nvd.nist.gov\/"},{"key":"90_CR4","unstructured":"SANS. http:\/\/www.sans.org\/"},{"key":"90_CR5","unstructured":"Common Weakness Enumeration. http:\/\/www.cwe.mitre.org\/"},{"key":"90_CR6","unstructured":"Common Vulnerability Scoring System. http:\/\/www.first.org\/cvss\/"},{"key":"90_CR7","volume-title":"Secure systems development with UML","author":"J J\u00fcrjens","year":"2004","unstructured":"J\u00fcrjens J (2004) Secure systems development with UML. Springer, Berlin"},{"key":"90_CR8","doi-asserted-by":"crossref","unstructured":"Liu L, Yu E, Mylopoulos J (2003) Security and privacy requirements analysis within a social setting. In: Proceedings of the 11th IEEE international conference on requirements engineering. IEEE Computer Society, pp 151\u2013161","DOI":"10.1109\/ICRE.2003.1232746"},{"issue":"4","key":"90_CR9","doi-asserted-by":"crossref","first-page":"257","DOI":"10.1007\/s10207-006-0005-7","volume":"5","author":"P Giorgini","year":"2006","unstructured":"Giorgini P, Massacci F, Mylopoulos J, Zannone N (2006) Requirements engineering for trust management: model, methodology, and reasoning. Int J Inf Secur 5(4):257\u2013274","journal-title":"Int J Inf Secur"},{"issue":"12","key":"90_CR10","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier B (1999) Attack trees. Dr. Dobb\u2019s J 24(12):21\u201329","journal-title":"Dr. Dobb\u2019s J"},{"issue":"1","key":"90_CR11","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre G, Opdahl AL (2005) Eliciting security requirements with misuse cases. Requir Eng 10(1):34\u201344","journal-title":"Requir Eng"},{"key":"90_CR12","doi-asserted-by":"crossref","unstructured":"van Lamsweerde A (2004) Elaborating security requirements by construction of intentional anti-models. In: Proceedings of the 26th international conference on software engineering. IEEE Computer Society, pp 148\u2013157","DOI":"10.1109\/ICSE.2004.1317437"},{"key":"90_CR13","doi-asserted-by":"crossref","unstructured":"Asnar Y, Moretti R, Sebastianis M, Zannone N (2008) Risk as dependability metrics for the evaluation of business solutions: a model-driven approach. In: Proceedings of the 3rd international conference on availability, reliability and security. IEEE Computer Society, pp 1240\u20131248","DOI":"10.1109\/ARES.2008.17"},{"key":"90_CR14","doi-asserted-by":"crossref","unstructured":"Matulevicius R, Mayer N, Mouratidis H, Dubois E, Heymans P, Genon N (2008) Adapting secure tropos for security risk management in the early phases of information systems development. In: Proceedings of the 20th international conference on advanced information systems engineering, LNCS 5074. Springer, pp 541\u2013555","DOI":"10.1007\/978-3-540-69534-9_40"},{"issue":"1","key":"90_CR15","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/s10550-007-0013-9","volume":"25","author":"F Braber","year":"2007","unstructured":"Braber F, Hogganvik I, Lund MS, Stolen K, Vraalsen F (2007) Model-based security analysis in seven steps\u2014a guided tour to the CORAS method. BT Technol J 25(1):101\u2013117","journal-title":"BT Technol J"},{"key":"90_CR16","doi-asserted-by":"crossref","unstructured":"den Braber F, Dimitrakos T, Gran BA, Lund MS, Stolen K, Aagedal JO (2003) The CORAS methodology: model-based risk assessment using UML and UP. In: UML and the unified process. IGI Publishing, Hershey, PA, pp 332\u2013357","DOI":"10.4018\/978-1-93177-744-5.ch017"},{"key":"90_CR17","doi-asserted-by":"crossref","unstructured":"Elahi G, Yu E (2007) A goal oriented approach for modeling and analyzing security trade-offs. In: Proceedings of 26th international conference on conceptual modeling, LNCS 4801. Springer, pp 375\u2013390","DOI":"10.1007\/978-3-540-75563-0_26"},{"key":"90_CR18","unstructured":"ISO\/IEC (2004) Management of information and communication technology security\u2014part 1: concepts and models for information and communication technology security management. ISO\/IEC 13335"},{"key":"90_CR19","unstructured":"Kissel ER (2005) Glossary of key information security terms. NIST IR 7298"},{"key":"90_CR20","volume-title":"Trust in cyberspace","year":"1998","unstructured":"Schneider FB (ed) (1998) Trust in cyberspace. National Academy Press, Washington"},{"key":"90_CR21","volume-title":"Beyond fear","author":"B Schneier","year":"2003","unstructured":"Schneier B (2003) Beyond fear. Springer, Berlin"},{"key":"90_CR22","doi-asserted-by":"crossref","unstructured":"McDermott JP (2000) Attack net penetration testing. In: Proceedings of the 2000 workshop on new security paradigms. ACM, pp 15\u201321","DOI":"10.1145\/366173.366183"},{"key":"90_CR23","doi-asserted-by":"crossref","unstructured":"Phillips C, Swiler LP (1998) A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on new security paradigms. ACM, pp 71\u201379","DOI":"10.1145\/310889.310919"},{"issue":"1","key":"90_CR24","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1109\/TDSC.2004.2","volume":"1","author":"A Avizienis","year":"2004","unstructured":"Avizienis A, Laprie J-C, Randell B, Landwehr CE (2004) Basic concepts and taxonomy of dependable and secure computing. IEEE Trans Dependable Secur Comput 1(1):11\u201333","journal-title":"IEEE Trans Dependable Secur Comput"},{"key":"90_CR25","doi-asserted-by":"crossref","unstructured":"Massacci F, Mylopoulos J, Zannone N (2008) An ontology for secure socio-technical systems. In: Handbook of ontologies for business interaction, Chap. XI. The IDEA Group","DOI":"10.4018\/978-1-59904-660-0.ch011"},{"issue":"5","key":"90_CR26","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1145\/1230819.1241693","volume":"50","author":"B Schneier","year":"2007","unstructured":"Schneier B (2007) The psychology of security. Commun ACM 50(5):128","journal-title":"Commun ACM"},{"issue":"5","key":"90_CR27","doi-asserted-by":"crossref","first-page":"445","DOI":"10.1016\/j.csi.2005.01.003","volume":"27","author":"F Massacci","year":"2005","unstructured":"Massacci F, Prest M, Zannone N (2005) Using a security requirements engineering methodology in practice: the compliance with the Italian data protection legislation. Comp Stand Interf 27(5):445\u2013455","journal-title":"Comp Stand Interf"},{"key":"90_CR28","unstructured":"Yu ESK (1995) Modeling strategic relationships for process reengineering. PhD thesis, University of Toronto"},{"key":"90_CR29","doi-asserted-by":"crossref","unstructured":"Sindre G, Opdahl AL (2007) Capturing dependability threats in conceptual modelling. In: Conceptual modelling in information systems engineering. Springer, pp 247\u2013260","DOI":"10.1007\/978-3-540-72677-7_15"},{"key":"90_CR30","unstructured":"Yu ESK (1997) Towards modeling and reasoning support for early-phase requirements engineering. In: Proceedings of the 3rd IEEE international conference on requirements engineering. IEEE Computer Society, pp 226\u2013235"},{"key":"90_CR31","volume-title":"Non-functional requirements in software engineering","year":"2000","unstructured":"Chung L, Nixon BA, Yu E, Mylopoulos J (eds) (2000) Non-functional requirements in software engineering. Kluwer, Dordrecht"},{"key":"90_CR32","unstructured":"Horkoff J (2006) Using i* models for evaluation. Master\u2019s thesis, University of Toronto"},{"key":"90_CR33","unstructured":"Vesely WE, Goldberg FF, Roberts N, Haasl DF (1981) Fault tree handbook. Technical Report NUREG-0492, U.S. Nuclear Regulatory Commission"},{"key":"90_CR34","volume-title":"Exploiting software: how to break code","author":"G Hoglund","year":"2004","unstructured":"Hoglund G, McGraw G (2004) Exploiting software: how to break code. Addison-Wesley Professional, Reading"},{"key":"90_CR35","doi-asserted-by":"crossref","unstructured":"Whittaker JA, Thompson H, Thompson HH, Thompson H (2003) How to break software security: effective techniques for security testing. Pearson","DOI":"10.1109\/MSECP.2003.1219078"},{"key":"90_CR36","volume-title":"Security patterns: integrating security and systems engineering","author":"M Schumacher","year":"2006","unstructured":"Schumacher M, Fernandez-Buglioni E, Hybertson D, Buschmann F, Sommerlad P (2006) Security patterns: integrating security and systems engineering. Wiley, London"},{"key":"90_CR37","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1016\/0167-6423(93)90021-G","volume":"20","author":"A Dardenne","year":"1993","unstructured":"Dardenne A, van Lamsweerde A, Fickas S (1993) Goal-directed requirements acquisition. Sci Comput Program 20:3\u201350","journal-title":"Sci Comput Program"},{"issue":"10","key":"90_CR38","doi-asserted-by":"crossref","first-page":"978","DOI":"10.1109\/32.879820","volume":"26","author":"A Lamsweerde van","year":"2000","unstructured":"van Lamsweerde A, Letier E (2000) Handling obstacles in goal-oriented requirements engineering. IEEE Trans Softw Eng 26(10):978\u20131005","journal-title":"IEEE Trans Softw Eng"},{"issue":"3","key":"90_CR39","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1023\/B:AGNT.0000018806.20944.ef","volume":"8","author":"P Bresciani","year":"2004","unstructured":"Bresciani P, Giorgini P, Giunchiglia F, Mylopoulos J, Perini A (2004) TROPOS: an agent-oriented software development methodology. J Auton Agents Multi-Agent Syst 8(3):203\u2013236","journal-title":"J Auton Agents Multi-Agent Syst"},{"issue":"1","key":"90_CR40","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10506-008-9067-3","volume":"17","author":"L Compagna","year":"2009","unstructured":"Compagna L, Khoury PE, Krausov\u00e1 A, Massacci F, Zannone N (2009) How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns. Artif Intell Law 17(1):1\u201330","journal-title":"Artif Intell Law"},{"key":"90_CR41","doi-asserted-by":"crossref","unstructured":"Massacci F, Zannone N (2008) A model-driven approach for the specification and analysis of access control policies. In: Proceedings of the OTM 2008 confederated international conferences, LNCS 5332. Springer, pp 1087\u20131103","DOI":"10.1007\/978-3-540-88873-4_11"},{"issue":"2","key":"90_CR42","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis H, Giorgini P (2007) Secure tropos: a security-oriented extension of the tropos methodology. Int J Softw Eng Knowl Eng 17(2):285\u2013309","journal-title":"Int J Softw Eng Knowl Eng"},{"key":"90_CR43","doi-asserted-by":"crossref","unstructured":"Asnar Y, Giorgini P (2006) Modelling risk and identifying countermeasure in organizations. In: Proceedings of the 1st international workshop on critical information infrastructures security, LNCS 4347. Springer, pp 55\u201366","DOI":"10.1007\/11962977_5"},{"key":"90_CR44","unstructured":"Mayer N, Rifaut A, Dubois E (2005) Towards a risk-based security requirements engineering framework. In: Proceedings of the 11th workshop on requirements engineering for software quality"},{"key":"90_CR45","unstructured":"Mayer N, Heymans P, Matulevicius R (2007) Design of a modelling language for information system security risk management. In: Proceedings of the 1st international conference on research challenges in information science, pp 121\u2013132"},{"key":"90_CR46","unstructured":"Mayer N, Dubois E, Matulevicius R, Heymans P (2008) Towards a measurement framework for security risk management. In: Proceedings of modeling security workshop, 2008"},{"issue":"1","key":"90_CR47","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1109\/TSE.2007.70754","volume":"34","author":"C Haley","year":"2008","unstructured":"Haley C, Laney R, Moffett J, Nuseibeh B (2008) Security requirements engineering: a framework for representation and analysis. IEEE Trans Softw Eng 34(1):133\u2013153","journal-title":"IEEE Trans Softw Eng"},{"key":"90_CR48","doi-asserted-by":"crossref","unstructured":"McDermott J, Fox C (1999) Using abuse case models for security requirements analysis. In: Proceedings of the 15th annual computer security applications conference. IEEE Computer Society, pp 55\u201366","DOI":"10.1109\/CSAC.1999.816013"},{"key":"90_CR49","unstructured":"Rostad L (2006) An extended misuse case notation: including vulnerabilities and the insider threat. In: Proceedings of the 12th working conference on requirements engineering: foundation for software quality"},{"issue":"1","key":"90_CR50","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1016\/j.entcs.2008.11.008","volume":"220","author":"J J\u00fcrjens","year":"2008","unstructured":"J\u00fcrjens J (2008) Model-based security testing using UMLsec: a case study. Electron Notes Theoretical Comput Sci 220(1):93\u2013104","journal-title":"Electron Notes Theoretical Comput Sci"},{"key":"90_CR51","doi-asserted-by":"crossref","unstructured":"J\u00fcrjens J, Schreck J, Yu Y (2008) Automated analysis of permission-based security using UMLsec. In: Proceedings of 11th international conference on fundamental approaches to software engineering, LNCS 4961. Springer, pp 292\u2013295","DOI":"10.1007\/978-3-540-78743-3_21"}],"container-title":["Requirements Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-009-0090-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00766-009-0090-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-009-0090-z","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,29]],"date-time":"2019-05-29T01:59:27Z","timestamp":1559095167000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00766-009-0090-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,11,17]]},"references-count":51,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2010,3]]}},"alternative-id":["90"],"URL":"https:\/\/doi.org\/10.1007\/s00766-009-0090-z","relation":{},"ISSN":["0947-3602","1432-010X"],"issn-type":[{"value":"0947-3602","type":"print"},{"value":"1432-010X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009,11,17]]}}}