{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,6]],"date-time":"2026-01-06T13:27:46Z","timestamp":1767706066238},"reference-count":44,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2010,9,11]],"date-time":"2010-09-11T00:00:00Z","timestamp":1284163200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Requirements Eng"],"published-print":{"date-parts":[[2011,6]]},"DOI":"10.1007\/s00766-010-0112-x","type":"journal-article","created":{"date-parts":[[2010,9,10]],"date-time":"2010-09-10T04:02:50Z","timestamp":1284091370000},"page":"101-116","source":"Crossref","is-referenced-by-count":66,"title":["Goal-driven risk assessment in requirements engineering"],"prefix":"10.1007","volume":"16","author":[{"given":"Yudistira","family":"Asnar","sequence":"first","affiliation":[]},{"given":"Paolo","family":"Giorgini","sequence":"additional","affiliation":[]},{"given":"John","family":"Mylopoulos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,9,11]]},"reference":[{"key":"112_CR1","doi-asserted-by":"crossref","unstructured":"Anton AI (1996) Goal-based requirements analysis. In: Proceedings of the 2nd IEEE international conference on requirements engineering (ICRE\u201996), IEEE Computer Society Press, Washington, DC, USA, p 136","DOI":"10.1109\/ICRE.1996.491438"},{"key":"112_CR2","doi-asserted-by":"crossref","unstructured":"Asnar Y, Giorgini P (2006) Modelling risk and identifying countermeasures in organizations. In: Proceedings of the 1st international workshop on critical information infrastructures security, Springer-Verlag, Lecture Notes in Computer Science, vol 4347, pp 55\u201366","DOI":"10.1007\/11962977_5"},{"key":"112_CR3","doi-asserted-by":"crossref","unstructured":"Asnar Y, Giorgini P (2008) Analyzing business continuity through a multi-layers modell. In: Proceedings of 6th international conference on business process management","DOI":"10.1007\/978-3-540-85758-7_17"},{"key":"112_CR4","unstructured":"Asnar Y, Bonato R, Bryl V, Campagna L, Dolinar K, Giorgini P, Holtmanns S, Klobucar T, Lanzi P, Latanicki J, Massacci F, Meduri V, Porekar J, Riccucci C, Saidane A, Seguran M, Yautsiukhin A, Zannone N (2006) Security and privacy requirements at organizational level. Project deliverable A1.D2.1, SERENITY consortium, EU-IST-IP 6th framework programme\u2014SERENITY 27587"},{"key":"112_CR5","doi-asserted-by":"crossref","unstructured":"Asnar Y, Bonato R, Giorgini P, Massacci F, Meduri V, Riccucci C, Saidane A (2007a) Secure and dependable patterns in organizations: an empirical approach. In: Proceedings of the 15th IEEE international requirements engineering conference, IEEE Computer Society Press, Oakland, CA","DOI":"10.1109\/RE.2007.19"},{"key":"112_CR6","doi-asserted-by":"crossref","unstructured":"Asnar Y, Giorgini P, Massacci F, Zannone N (2007b) From trust to dependability through risk analysis. In: Proceedings of the second international conference on availability, reliability and security, IEEE Press, New York","DOI":"10.1109\/ARES.2007.93"},{"key":"112_CR7","doi-asserted-by":"crossref","unstructured":"Asnar Y, Moretti R, Sebastianis M, Zannone N (2008) Risk as dependability metrics for the evaluation of business solutions: a model-driven approach. In: Proceedings of the third international conference on availability, reliability and security","DOI":"10.1109\/ARES.2008.17"},{"key":"112_CR8","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9780511813597","volume-title":"Probabilistic risk analysis: foundations and methods","author":"T Bedford","year":"2001","unstructured":"Bedford T, Cooke R (2001) Probabilistic risk analysis: foundations and methods. Cambridge University Press, Cambridge"},{"issue":"1","key":"112_CR9","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/52.62930","volume":"8","author":"BW Boehm","year":"1991","unstructured":"Boehm BW (1991) Software risk management: principles and practices. IEEE Softw 8(1):32\u201341. doi: 10.1109\/52.62930","journal-title":"IEEE Softw"},{"key":"112_CR10","doi-asserted-by":"crossref","unstructured":"den Braber F, Dimitrakos T, Gran BA, Lund MS, St\u00f8len K, Aagedal J\u00d8 (2003) The CORAS methodology: model-based risk assessment using UML and UP. In: UML and the Unified Process, Idea Group Publishing, Hershey, pp 332\u2013357","DOI":"10.4018\/978-1-93177-744-5.ch017"},{"issue":"3","key":"112_CR11","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1023\/B:AGNT.0000018806.20944.ef","volume":"8","author":"P Bresciani","year":"2004","unstructured":"Bresciani P, Perini A, Giorgini P, Giunchiglia F, Mylopoulos J (2004) Tropos: an agent-oriented software development methodology. J Auton Agent Multi Agent Syst 8(3):203\u2013236. doi: 10.1023\/B:AGNT.0000018806.20944.ef","journal-title":"J Auton Agent Multi Agent Syst"},{"key":"112_CR12","unstructured":"Butler S, Fischbeck P (2001) Multi-attribute risk assessment. Tech. Rep. CMU-CS-01-169, Carnegie Mellon University"},{"key":"112_CR13","doi-asserted-by":"crossref","unstructured":"Butler SA (2002) Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th international conference on software engineering, ACM Press, New York, NY, USA, pp 232\u2013240. doi: 10.1145\/581339.581370","DOI":"10.1145\/581339.581370"},{"key":"112_CR14","doi-asserted-by":"crossref","unstructured":"Carr MJ, Konda SL, Monarch I, Ulrich FC, Walker CF (1993) Taxonomy-based risk identification. Tech. Rep. CMU\/SEI-93-TR-6, Software Engineering Institute, Carnegie Mellon University","DOI":"10.21236\/ADA266992"},{"key":"112_CR15","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4615-5269-7","volume-title":"Non-functional requirements in software engineering","author":"LK Chung","year":"2000","unstructured":"Chung LK, Nixon BA, Yu E, Mylopoulos J (2000) Non-functional requirements in software engineering. Kluwer Academic Publishers, Dordrecht"},{"key":"112_CR16","doi-asserted-by":"crossref","unstructured":"Cornford SL, Feather MS, Heron VA, Jenkins JS (2006) Fusing quantitative requirements analysis with model-based systems engineering. In: Proceedings of the 14th IEEE international requirements engineering conference, IEEE Computer Society Press, Los Alamitos, CA, USA, pp 279\u2013284, doi: 10.1109\/RE.2006.24","DOI":"10.1109\/RE.2006.24"},{"issue":"1\u20132","key":"112_CR17","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1016\/0167-6423(93)90021-G","volume":"20","author":"A Dardenne","year":"1993","unstructured":"Dardenne A, van Lamsweerde A, Fickas S (1993) Goal-directed requirements acquisition. Sci Comput Program 20(1\u20132):3\u201350","journal-title":"Sci Comput Program"},{"key":"112_CR18","doi-asserted-by":"crossref","unstructured":"Feather MS (2004) Towards a unified approach to the representation of, and reasoning with, probabilistic risk information about software and its system interface. In: Proceedings of the 15th IEEE international symposium on software software reliability engineering, IEEE Computer Society Press, Silver Spring, MD, pp 391\u2013402","DOI":"10.1109\/ISSRE.2004.42"},{"issue":"1","key":"112_CR19","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/978-3-540-39733-5_1","volume":"1","author":"P Giorgini","year":"2003","unstructured":"Giorgini P, Mylopoulos J, Nicchiarelli E, Sebastiani R (2003) Formal reasoning techniques for goal models. J Data Semantics 1(1):1\u201320","journal-title":"J Data Semantics"},{"issue":"4","key":"112_CR20","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1007\/s007660200016","volume":"7","author":"G Helmer","year":"2002","unstructured":"Helmer G, Wong J, Slagell M, Honavar V, Miller L, Lutz R (2002) A software fault tree approach to requirements analysis of an intrusion detection system. Requir Eng J 7(4):207\u2013220","journal-title":"Requir Eng J"},{"issue":"6","key":"112_CR21","doi-asserted-by":"crossref","first-page":"19","DOI":"10.2469\/faj.v60.n6.2669","volume":"60","author":"GA Holton","year":"2004","unstructured":"Holton GA (2004) Defining risk. Financ Anal J 60(6):19\u201325","journal-title":"Financ Anal J"},{"key":"112_CR22","unstructured":"ISO\/IEC (2002) Risk management-vocabulary-guidelines for use in standards. ISO\/IEC Guide 73"},{"key":"112_CR23","doi-asserted-by":"crossref","unstructured":"J\u00fcrjens J (2001) Towards secure systems development with UMLsec. In: Proceedings of the 4th international conference on fundamental approaches to software engineering, Springer, New York, pp 187\u2013200","DOI":"10.1007\/3-540-45314-8_14"},{"issue":"3","key":"112_CR24","doi-asserted-by":"crossref","first-page":"263","DOI":"10.1016\/S0951-8320(96)00100-7","volume":"55","author":"TA Kletz","year":"1997","unstructured":"Kletz TA (1997) HAZOP\u2014past and future. Reliab Eng Syst Saf 55(3):263\u2013266","journal-title":"Reliab Eng Syst Saf"},{"issue":"10","key":"112_CR25","doi-asserted-by":"crossref","first-page":"978","DOI":"10.1109\/32.879820","volume":"26","author":"A Lamsweerde van","year":"2000","unstructured":"van Lamsweerde A, Letier E (2000) Handling obstacles in goal-oriented requirements engineering. IEEE Trans Softw Eng 26(10):978\u20131005. doi: 10.1109\/32.879820","journal-title":"IEEE Trans Softw Eng"},{"key":"112_CR26","unstructured":"van Lamsweerde A, Brohez S, Landtsheer RD, Janssens D (2003) From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering. In: Proceedings of the 2nd international workshop on requirements for high assurance systems"},{"key":"112_CR27","volume-title":"The delphi method: techniques and applications","author":"H Linstone","year":"1975","unstructured":"Linstone H, Turoff M (1975) The delphi method: techniques and applications. Addison-Wesley Pub. Co, Reading, MA"},{"key":"112_CR28","doi-asserted-by":"crossref","unstructured":"Liu L, Yu ESK, Mylopoulos J (2003) Security and privacy requirements analysis within a social setting. In: Proceedings of the 11th IEEE international requirements engineering conference, pp 151\u2013161","DOI":"10.1109\/ICRE.2003.1232746"},{"key":"112_CR29","doi-asserted-by":"crossref","unstructured":"Lodderstedt T, Basin D, Doser J (2002) SecureUML: A UML-based modeling language for model-driven security. In: Proceedings of the 5th international conference on the unified modeling language\u2014the language and its applications, Springer-Verlag, Lecture Notes in Computer Science, vol 2460, pp 426\u2013441","DOI":"10.1007\/3-540-45800-X_33"},{"issue":"1","key":"112_CR30","doi-asserted-by":"crossref","first-page":"459","DOI":"10.1023\/A:1018929719710","volume":"3","author":"RR Lutz","year":"1997","unstructured":"Lutz RR, Woodhouse RM (1997) Requirements analysis using forward and backward search. Ann Softw Eng 3(1):459\u2013475","journal-title":"Ann Softw Eng"},{"key":"112_CR31","unstructured":"Mayer N, Rifaut A, Dubois E (2005) Towards a risk-based security requirements engineering framework. In: Proceedings of the 11th international workshop on requirements engineering: foundation for software quality"},{"key":"112_CR32","unstructured":"Mayer N, Dobuis E, Rifaut A (2007) Requirements engineering for improving business\/IT alignment in security risk management methods. In: Proceedings of the 3rd international conference interoperability for enterprise software and applications"},{"key":"112_CR33","doi-asserted-by":"crossref","unstructured":"McDermott J, Fox C (1999) Using abuse case models for security requirements analysis. In: Proceedings of 15th annual computer security applications conference, Phoenix, AZ, USA, pp 55\u201364. doi: 10.1109\/CSAC.1999.816013","DOI":"10.1109\/CSAC.1999.816013"},{"key":"112_CR34","volume-title":"Security in computing","author":"CP Pfleeger","year":"2006","unstructured":"Pfleeger CP, Pfleeger SL (2006) Security in computing, 4th edn. Prentice-Hall, Englewood, Cliffs, NJ","edition":"4"},{"key":"112_CR35","unstructured":"Roy GG, Woodings TL (2000) A framework for risk analysis in software engineering. In: Proceedings of the seventh Asia-Pacific software engineering conference (APSEC \u201900), IEEE Computer Society Press, Washington, DC, USA, p 441"},{"issue":"24","key":"112_CR36","first-page":"21","volume":"12","author":"B Schneier","year":"1999","unstructured":"Schneier B (1999) Attack trees: modeling security threats. Dr Dobb\u00ef J 12(24):21\u201329","journal-title":"Dr Dobb\u00ef J"},{"key":"112_CR37","doi-asserted-by":"crossref","unstructured":"Sebastiani R, Giorgini P, Mylopoulos J (2004) Simple and minimum-cost satisfiability for goal models. In: Proceedings of the 16th conference on advanced information systems engineering, Springer-Verlag Heidelberg, Lecture Notes in Computer Science, vol 3084, pp 20\u201333. doi: 10.1007\/b98058","DOI":"10.1007\/b98058"},{"key":"112_CR38","doi-asserted-by":"crossref","DOI":"10.1515\/9780691214696","volume-title":"A mathematical theory of evidence","author":"G Shafer","year":"1976","unstructured":"Shafer G (1976) A mathematical theory of evidence. Princeton University Press, Princeton, NJ"},{"key":"112_CR39","volume-title":"Guide to advanced empirical software engineering","author":"F Shull","year":"2007","unstructured":"Shull F, Singer J, Sj\u00f8berg DIK (2007) Guide to advanced empirical software engineering. Springer, New York"},{"issue":"1","key":"112_CR40","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre G, Opdahl AL (2005) Eliciting security requirements with misuse cases. Requir Eng J 10(1):34\u201344. doi: 10.1007\/s00766-004-0194-4","journal-title":"Requir Eng J"},{"key":"112_CR41","volume-title":"Software engineering","author":"I Sommerville","year":"2004","unstructured":"Sommerville I (2004) Software engineering, 7th edn. Addison Wesley, Reading, MA","edition":"7"},{"key":"112_CR42","volume-title":"Fault tree handbook with aerospace applications","author":"M Stamatelatos","year":"2002","unstructured":"Stamatelatos M, Vesely W, Dugan J, Fragola J, Minarick J, Railsback J (2002) Fault tree handbook with aerospace applications. NASA"},{"key":"112_CR43","unstructured":"US-DoD (1980) Military standard, procedures for performing a failure mode, effects, and critical analysis. MIL-STD-1629A"},{"key":"112_CR44","unstructured":"Yu E (1995) Modelling strategic relationships for process engineering. PhD thesis, University of Toronto, Department of Computer Science"}],"container-title":["Requirements Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-010-0112-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00766-010-0112-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-010-0112-x","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,9]],"date-time":"2021-11-09T10:53:00Z","timestamp":1636455180000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00766-010-0112-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,9,11]]},"references-count":44,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2011,6]]}},"alternative-id":["112"],"URL":"https:\/\/doi.org\/10.1007\/s00766-010-0112-x","relation":{},"ISSN":["0947-3602","1432-010X"],"issn-type":[{"value":"0947-3602","type":"print"},{"value":"1432-010X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,9,11]]}}}