{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,26]],"date-time":"2025-10-26T14:28:18Z","timestamp":1761488898084},"reference-count":97,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2012,4,17]],"date-time":"2012-04-17T00:00:00Z","timestamp":1334620800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Requirements Eng"],"published-print":{"date-parts":[[2013,9]]},"DOI":"10.1007\/s00766-012-0153-4","type":"journal-article","created":{"date-parts":[[2012,4,16]],"date-time":"2012-04-16T05:47:12Z","timestamp":1334555232000},"page":"251-279","source":"Crossref","is-referenced-by-count":33,"title":["Evaluating the effectiveness of the security quality requirements engineering (SQUARE) method: a case study using smart grid advanced metering infrastructure"],"prefix":"10.1007","volume":"18","author":[{"given":"Husam","family":"Suleiman","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Davor","family":"Svetinovic","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2012,4,17]]},"reference":[{"key":"153_CR1","unstructured":"Ahl V (2005) An experimental comparison of five prioritization methods. Master\u2019s Thesis, School of Engineering, Blekinge Institute of Technology, Ronneby, Sweden"},{"key":"153_CR2","unstructured":"Akao Y (2004) Quality function deployment. Productivity Press, Cambridge"},{"key":"153_CR3","doi-asserted-by":"crossref","unstructured":"AlAbdulkarim L, Lukszo Z (2009) Smart metering for the future energy systems in the Netherlands. In: 4th IEEE international conference on critical infrastructures (CRIS), Link\u00f6ping, Sweden, pp 1\u20137. doi: 10.1109\/CRIS.2009.5071484","DOI":"10.1109\/CRIS.2009.5071484"},{"key":"153_CR4","doi-asserted-by":"crossref","unstructured":"Alawairdhi M, Aleisa E (2011) A scenario-based approach for requirements elicitation for software systems complying with the utilization of ubiquitous computing technologies. In: The 35th IEEE annual computer software and applications conference workshops (COMPSACW), Munich, Germany, pp 341\u2013344. doi: 10.1109\/COMPSACW.2011.63","DOI":"10.1109\/COMPSACW.2011.63"},{"issue":"4","key":"153_CR5","doi-asserted-by":"crossref","first-page":"439","DOI":"10.1007\/s00766-010-0110-z","volume":"15","author":"R Ali","year":"2010","unstructured":"Ali R, Dalpiaz F, Giorgini P (2010) A goal-based framework for contextual requirements modeling and analysis. Require Eng 15(4):439\u2013458","journal-title":"Requirements engineering"},{"key":"153_CR6","unstructured":"Allen W, Fletcher D, Fellhoelter K (2004) Securing critical information and communication infrastructures through electric power grid independence. In: The 25th IEEE international telecommunications energy conference (INTELEC\u201903), Yokohama, Japan, pp 170\u2013177"},{"key":"153_CR7","doi-asserted-by":"crossref","unstructured":"Amin M, Wollenberg B (2005) Toward a smart grid: power delivery for the 21st century. IEEE Power Energy Mag 3(5): 34\u201341. doi: 10.1109\/MPAE.2005.1507024","DOI":"10.1109\/MPAE.2005.1507024"},{"key":"153_CR8","unstructured":"Anderson G (1998) Fundamentals of educational research, vol 1. Routledge"},{"key":"153_CR9","unstructured":"Ant\u00f3n Al, Earp JB (2001) Strategies for developing policies and requirements for secure e-commerce systems. In: Ghosh AK (ed) Recent advances in e-commerce security and privacy. Kluwer Academic Publishers, pp 29\u201346"},{"key":"153_CR10","unstructured":"Beck K (2000) Extreme programming explained: embrace change. Addison-Wesley Professional"},{"key":"153_CR11","doi-asserted-by":"crossref","unstructured":"Bennett C, Highfill D (2008) Networking AMI smart meters. In: IEEE Energy 2030 conference, Atlanta, Georgia, pp 1\u20138. doi: 10.1109\/ENERGY.2008.4781067","DOI":"10.1109\/ENERGY.2008.4781067"},{"issue":"7","key":"153_CR12","doi-asserted-by":"crossref","first-page":"902","DOI":"10.1109\/32.29489","volume":"15","author":"B Boehm","year":"1989","unstructured":"Boehm B, Ross R (1989) Theory-w software project management principles and examples. IEEE Trans Softw Eng 15(7):902\u2013916","journal-title":"IEEE Trans Software Eng"},{"key":"153_CR13","unstructured":"Brackett J (1990) Software requirements. SEI Curriculum module SEI\u2013CM\u201319\u20131.2. Technical report, Software Engineering Institute, Carnegie Mellon University, Pittsburgh"},{"key":"153_CR14","doi-asserted-by":"crossref","unstructured":"Butler S (2002) Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th ACM international conference on software engineering. Orlando, Florida, pp 232\u2013240. doi: 10.1145\/581339.581370","DOI":"10.1145\/581339.581370"},{"issue":"4","key":"153_CR15","doi-asserted-by":"crossref","first-page":"273","DOI":"10.3233\/HSM-1989-8405","volume":"8","author":"P Checkland","year":"1989","unstructured":"Checkland P (1989) Soft system methodology. Human Syst Manage 8(4):273\u2013289","journal-title":"Human Systems Management"},{"key":"153_CR16","unstructured":"Chung L, Hung F, Hough E, Ojoko-Adams D, Mead N (2006) Security quality requirements engineering (SQUARE): case study phase III. Tech. rep., CMU\/SEI-2006-SR-003. Software Engineering Institute, Carnegie Mellon University, Pittsburgh"},{"key":"153_CR17","doi-asserted-by":"crossref","unstructured":"Cleveland F (2008) Cyber security issues for advanced metering infrastructure (AMI). In: IEEE Power and energy society general meeting-conversion and delivery of electrical energy in the 21st century. Pittsburgh, USA, pp 1\u20135. doi: 10.1109\/PES.2008.4596535","DOI":"10.1109\/PES.2008.4596535"},{"key":"153_CR18","doi-asserted-by":"crossref","unstructured":"Cornford S, Feather M, Hicks K (2001) DDP-A tool for life-cycle risk management. In: IEEE Proceedings of aerospace conference, vol 1. Big Sky, MT, pp 1\/441\u20131\/451. doi: 10.1109\/AERO.2001.931736","DOI":"10.1109\/AERO.2001.931736"},{"key":"153_CR19","unstructured":"Corporation M (2011) Glossary, MSDN, web service security: scenarios, patterns, and implementation guidance for web services enhancements (WSE) 3.0, December 2005. http:\/\/msdn.microsoft.com\/en-us\/library\/aa480547.aspx"},{"key":"153_CR20","unstructured":"Cox W, Considine T, Principal T (2009) Architecturally significant interfaces for the smart grid"},{"key":"153_CR21","unstructured":"Creswell J (2009) Research design: qualitative, quantitative, and mixed methods approaches. Sage Publications, London"},{"key":"153_CR22","doi-asserted-by":"crossref","unstructured":"Darimont R, Delor E, Massonet P, van Lamsweerde A (1997) Grail\/kaos: an environment for goal-driven requirements engineering. In: Proceedings of the 19th ACM international conference on software engineering (ICSE \u201997). Boston, Massachusetts, pp 612\u2013613. doi: 10.1145\/253228.253499","DOI":"10.1145\/253228.253499"},{"issue":"3","key":"153_CR23","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1109\/MC.2003.1185216","volume":"36","author":"A Davis","year":"2003","unstructured":"Davis A (2003) The art of requirements triage. IEEE Computer 36(3):42\u201349. doi: 10.1109\/MC.2003.1185216","journal-title":"IEEE Computer"},{"key":"153_CR24","doi-asserted-by":"crossref","unstructured":"Davis A (2005) Just enough requirements management: where software development meets marketing","DOI":"10.1007\/11531371_1"},{"issue":"1","key":"153_CR25","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/s10550-007-0013-9","volume":"25","author":"F Den Braber","year":"2007","unstructured":"Den Braber F, Hogganvik I, Lund M, Stolen K, Vraalsen F (2007) Model-based security analysis in seven steps a guided tour to the CORAS method. BT Technol J 25(1):101\u2013117. doi: 10.1007\/s10550-007-0013-9","journal-title":"BT Technology Journal"},{"key":"153_CR26","unstructured":"Diallo M, Romero-Mariona J, Sim S, Richardson D (2006) A comparative evaluation of three approaches to specifying security requirements. In: 12th Working conference on requirements engineering: foundation for software quality (REFSQ \u201906). Luxembourg"},{"key":"153_CR27","doi-asserted-by":"crossref","unstructured":"Elahi G, Yu E (2007) A goal oriented approach for modeling and analyzing security trade-offs. In: Proceedings of the 26th international conference on Conceptual modeling, ER\u201907. Springer, Berlin, pp 375\u2013390. http:\/\/dl.acm.org\/citation.cfm?id=1784489.1784524","DOI":"10.1007\/978-3-540-75563-0_26"},{"issue":"3","key":"153_CR28","doi-asserted-by":"crossref","first-page":"1501","DOI":"10.1109\/TPWRD.2010.2046654","volume":"25","author":"G Ericsson","year":"2010","unstructured":"Ericsson G (2010) Cyber security and power system communication essential parts of a smart grid infrastructure. IEEE Trans Power Deliv 25(3):1501\u20131507","journal-title":"IEEE Trans Power Delivery"},{"issue":"1","key":"153_CR29","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","volume":"15","author":"B Fabian","year":"2010","unstructured":"Fabian B, Gurses S, Heisel M, Santen T, Schmidt H (2010) A comparison of security requirements engineering methods. Require Eng 15(1):7\u201340","journal-title":"Requirements engineering"},{"issue":"1","key":"153_CR30","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1109\/MPE.2009.934876","volume":"8","author":"H Farhangi","year":"2009","unstructured":"Farhangi H (2009) The path of the smart grid. IEEE Power Energy Mag 8(1):18\u201328","journal-title":"IEEE Power Energ Mag"},{"key":"153_CR31","doi-asserted-by":"crossref","unstructured":"Fernandez E, Larrondo-Petrie M (2010) Designing secure SCADA systems using security patterns. In: 43rd IEEE Hawaii international conference on system sciences (HICSS). Poipu, Kauai, pp 1\u20138. doi: 10.1109\/HICSS.2010.139","DOI":"10.1109\/HICSS.2010.139"},{"key":"153_CR32","doi-asserted-by":"crossref","unstructured":"FitzPatrick G, Wollman D (2010) NIST interoperability framework and action plans. In: IEEE power and energy society general meeting, Minneapolis, pp 1\u20134. doi: 10.1109\/PES.2010.5589699","DOI":"10.1109\/PES.2010.5589699"},{"issue":"6","key":"153_CR33","doi-asserted-by":"crossref","first-page":"717","DOI":"10.1046\/j.1440-1614.2002.01100.x","volume":"36","author":"E Fossey","year":"2002","unstructured":"Fossey E, Harvey C, McDermott F, Davidson L (2002) Understanding and evaluating qualitative research. Aust NZ J Psych 36(6):717\u2013732","journal-title":"Aust N Z J Psychiatry"},{"issue":"5","key":"153_CR34","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/MPAE.2004.1338121","volume":"2","author":"C Gellings","year":"2004","unstructured":"Gellings C, Samotyj M, Howe B (2004) The future\u2019s smart delivery system [electric power supply]. IEEE Power Energy Mag 2(5):40\u201348","journal-title":"IEEE Power Energ Mag"},{"key":"153_CR35","unstructured":"Gordon D, Stehney T, Wattas N, Yu E (2005) System quality requirements engineering (SQUARE): case study on asset management system, phase II. Special rep., CMU\/SEI-2005-SR-005. Software Engineering Institute, Carnegie Mellon University, Pittsburgh"},{"key":"153_CR36","volume-title":"Risk modeling, assessment, and management","author":"Y Haimes","year":"2009","unstructured":"Haimes Y (2009) Risk modeling, assessment, and management. Wiley, London"},{"key":"153_CR37","doi-asserted-by":"crossref","unstructured":"Haley C, Laney R, Nuseibeh B (2004) Deriving security requirements from crosscutting threat descriptions. In: Proceedings of the 3rd ACM international conference on aspect-oriented software development (AOSD \u201904). Lancaster, UK, pp 112\u2013121. doi: 10.1145\/976270.976285","DOI":"10.1145\/976270.976285"},{"issue":"1","key":"153_CR38","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1109\/TSE.2007.70754","volume":"34","author":"C Haley","year":"2008","unstructured":"Haley C, Laney R, Moffett J, Nuseibeh B (2008) Security requirements engineering: a framework for representation and analysis. IEEE Trans on Softw Eng 34(1):133\u2013153","journal-title":"IEEE Trans Software Eng"},{"key":"153_CR39","unstructured":"Hassan R, Radman G (2010) Survey on smart grid. In: Proceedings of the IEEE SoutheastCon (SoutheastCon), Charlotte-Concord, NC, pp 210\u2013213. doi: 10.1109\/SECON.2012.5453886"},{"issue":"2","key":"153_CR40","doi-asserted-by":"crossref","first-page":"307","DOI":"10.1046\/j.1365-2702.2003.00683.x","volume":"12","author":"D Horsburgh","year":"2003","unstructured":"Horsburgh D (2003) Evaluation of qualitative research. J Clin Nurs 12(2):307\u2013312","journal-title":"J Clin Nurs"},{"key":"153_CR41","unstructured":"Hubbard RP (1999) Design, implementation and evaluation of a process to structure the collection of software project requirements. Ph.D. thesis AAI9921957"},{"key":"153_CR42","doi-asserted-by":"crossref","unstructured":"Hubbard R, Schroeder C, Mead N (2000) An assessment of the relative efficiency of a facilitator-driven requirements collection process with respect to the conventional interview method. In: Proceedings of 4th IEEE international conference on requirements engineering. Schaumburg, IL, pp 178\u2013186. doi: 10.1109\/ICRE.2000.855608","DOI":"10.1109\/ICRE.2000.855608"},{"key":"153_CR43","unstructured":"Jacobson I, Christerson M, Jonsson P, Overgaard G (1992) Object-oriented software engineering: a use case driven approach. Addison-Wesley, Boston"},{"key":"153_CR44","doi-asserted-by":"crossref","unstructured":"Jakimi A, Sabraoui A, Badidi E, Idri A, El Koutbi M (2007) Use cases and scenarios engineering. In: 4th IEEE international conference on innovations in information technology (IIT \u201907), Dubai, United Arab Emirates, pp 521\u2013525. doi: 10.1109\/IIT.2007.4430418","DOI":"10.1109\/IIT.2007.4430418"},{"key":"153_CR45","volume-title":"Secure Systems Development with UML","author":"J Jrjens","year":"2010","unstructured":"Jrjens J (2010) Secure systems development with UML. Springer, Berlin"},{"key":"153_CR46","doi-asserted-by":"crossref","unstructured":"Kang K, Cohen S, Hess J, Novak W, Peterson A (1990) Feature-oriented domain analysis (FODA) feasibility study. Tech. rep., CMU\/SEI-90-TR-021. Software Engineering Institute, Carnegie Mellon University, Pittsburgh","DOI":"10.21236\/ADA235785"},{"key":"153_CR47","unstructured":"Karlsson J (1995) Towards a strategy for software requirements selection. Department of Computer and Information science, Linkoping University, Linkoping, Sweden, Licentiate thesis 513"},{"key":"153_CR48","doi-asserted-by":"crossref","unstructured":"Karlsson J (1996) Software requirements prioritizing. In: Proceedings of the 2nd IEEE international conference on requirements engineering (ICRE \u201996). Colorado Springs, Colorado, USA, pp 110\u2013116. doi: 10.1109\/ICRE.1996.491435","DOI":"10.1109\/ICRE.1996.491435"},{"issue":"5","key":"153_CR49","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1109\/52.605933","volume":"14","author":"J Karlsson","year":"1997","unstructured":"Karlsson J, Ryan K (1997) A cost-value approach for prioritizing requirements. IEEE Software 14(5):67\u201374. doi: 10.1109\/52.605933","journal-title":"IEEE Software"},{"issue":"1","key":"153_CR50","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1109\/MSP.2010.49","volume":"8","author":"H Khurana","year":"2010","unstructured":"Khurana H, Hadley M, Lu N, Frincke D (2010) Smart-Grid Security Issues. IEEE Secur Priv 8(1):81\u201385","journal-title":"IEEE Security & Privacy"},{"key":"153_CR51","unstructured":"Kunz W, Rittel H (1970) Issues as elements of information systems. Working Paper No 131, Institute of Urban and Regional Development, University of California, Berkeley, CA"},{"key":"153_CR52","unstructured":"Leffingwell D, Widrig D (2003) Managing software requirements: a use case approach. Addison-Wesley"},{"key":"153_CR53","unstructured":"Lipson H, Mead N, Moore A (2001) A risk-management approach to the design of survivable COTS-based systems"},{"key":"153_CR54","doi-asserted-by":"crossref","unstructured":"Liu L, Yu E, Mylopoulos J (2003) Security and privacy requirements analysis within a social setting. In: Proceedings of the 11th IEEE international requirements engineering conference. Monterey, California, pp 151\u2013161. doi: 10.1109\/ICRE.2003.1232746","DOI":"10.1109\/ICRE.2003.1232746"},{"key":"153_CR55","doi-asserted-by":"crossref","unstructured":"Lodderstedt T, Basin D, Doser J (2002) SecureUML: a UML-based modeling language for model-driven security. UML The Unified Modeling Language, Lecture Notes in Computer Science, Springer, vol 2460\/2002, pp 426\u2013441. doi: 10.1007\/3-540-45800-X_33","DOI":"10.1007\/3-540-45800-X_33"},{"key":"153_CR56","doi-asserted-by":"crossref","unstructured":"McLaughlin S, Podkuiko D, McDaniel P (2010) Energy theft in the advanced metering infrastructure. Critic Inform Infrastruct Secur, Lecture Notes in Computer Science, vol 6027\/2010, pp 176\u2013187. doi: 10.1007\/978-3-642-14379-3_15","DOI":"10.1007\/978-3-642-14379-3_15"},{"key":"153_CR57","doi-asserted-by":"crossref","unstructured":"Mead N, Stehney T (2005) Security quality requirements engineering (SQUARE) methodology. In: Proceedings of the ACM workshop on software engineering for secure systems building trustworthy applications, pp 1\u20137. doi: 10.1145\/1083200.1083214","DOI":"10.1145\/1083200.1083214"},{"key":"153_CR58","unstructured":"Mead N, Ellison R, Linger R, Longstaff T, McHugh J (2000) Survivable network analysis method. Tech. rep., CMU\/SEI-2000-TR-013. Software Engineering Institute, Carnegie Mellon University, Pittsburgh"},{"key":"153_CR59","doi-asserted-by":"crossref","unstructured":"Mead N, Viswanathan V, Padmanabhan D (2008) Incorporating security quality requirements engineering (SQUARE) into standard life-cycle models. Technical Note, CMU\/SEI-2008-TN-006. Software Engineering Institute, Carnegie Mellon University, Pittsburgh","DOI":"10.21236\/ADA482345"},{"key":"153_CR60","doi-asserted-by":"crossref","unstructured":"Moisiadis F (2000) Prioritising scenario evolution. In: Proceedings of the 4th IEEE international conference on requirements engineering. Schaumburg, IL, pp 85\u201394. doi: 10.1109\/ICRE.2000.855595","DOI":"10.1109\/ICRE.2000.855595"},{"key":"153_CR61","unstructured":"Moisiadis F, McRae A (2001) A requirements prioritisation tool. In: 6th Australian workshop on requirements engineering (AWRE 2001), Sydney, Australia"},{"key":"153_CR62","doi-asserted-by":"crossref","unstructured":"Moore A, Ellison R, Linger R (2001) Attack modeling for information security and survivability. Technical note, SEI-2001-TN-001. Software Engineering Institute, Carnegie Mellon University, Pittsburgh","DOI":"10.21236\/ADA387544"},{"issue":"2","key":"153_CR63","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis H, Giorgini P (2007) Secure tropos: a security-oriented extension of the tropos methodology. Int J Softw Eng Knowl Eng 17(2):285\u2013309","journal-title":"Int J Software Eng Knowl Eng"},{"key":"153_CR64","doi-asserted-by":"crossref","unstructured":"Mouratidis H, Giorgini P (2009) Enhancing secure Tropos to effectively deal with security requirements in the development of multiagent systems. Safe Secur Multiagent Syst, Lecture Notes in Computer Science, vol 4324\/2009, pp 8\u201326. doi: 10.1007\/978-3-642-04879-1_2","DOI":"10.1007\/978-3-642-04879-1_2"},{"issue":"8","key":"153_CR65","doi-asserted-by":"crossref","first-page":"813","DOI":"10.1002\/int.20432","volume":"25","author":"H Mouratidis","year":"2010","unstructured":"Mouratidis H, Jurjens J (2010) From goal-driven security requirements engineering to secure design. Int J Intell Syst 25(8):813\u2013840","journal-title":"Int J Intell Syst"},{"key":"153_CR66","unstructured":"Mullery G (1979) CORE\u2014a method for controlled requirement specification. In: Proceedings of the 4th IEEE international conference on software engineering (ICSE \u201979). Munich, West Germany, pp 126\u2013135"},{"key":"153_CR67","unstructured":"National Security Agency IAM (2004) Information security assurance training and rating program (ISATRP). http:\/\/www.isatrp.org\/index.php"},{"key":"153_CR68","unstructured":"Network, telecom dictionary, encyclopedia\u2014NetworkDictionary: Information, computer and network security terms glossary and dictionary-d\u2014networkdictionary (2004\u20132011). http:\/\/www.networkdictionary.com\/security\/d.php"},{"key":"153_CR69","unstructured":"Office UGA (1999) Information security risk assessment: practices of leading organizations. No.: GAO\/AIMD-00-33, p 50"},{"key":"153_CR70","unstructured":"Ojoko-Adams D, Chen P, Dean M, Osman H, Lopez L, Xie N, Mead N (2004) System quality requirements engineering (SQUARE) methodology: case study on asset management system. Special Report, CMU\/SEI-2004-SR-015. Software Engineering Institute, Carnegie Mellon University, Pittsburgh"},{"issue":"1","key":"153_CR71","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1108\/01409170210782990","volume":"25","author":"J Rowley","year":"2002","unstructured":"Rowley J (2002) Using case studies in research. Manage Res News 25(1):16\u201327","journal-title":"Management Research News"},{"key":"153_CR72","unstructured":"Saaty T (1980) Analytic hierarchy process. McGraw-Hill, New York"},{"key":"153_CR73","unstructured":"Schiffrin D (1994) Approaches to discourse, vol 8. Wiley-Blackwell"},{"key":"153_CR74","doi-asserted-by":"crossref","unstructured":"Shein R (2010) Security Measures for Advanced Metering Infrastructure Components. In: IEEE Asia-Pacific power and energy engineering conference (APPEEC), Chengdu, China, pp 1\u20133. doi: 10.1109\/APPEEC.2010.5448261","DOI":"10.1109\/APPEEC.2010.5448261"},{"issue":"2","key":"153_CR75","doi-asserted-by":"crossref","first-page":"63","DOI":"10.3233\/EFI-2004-22201","volume":"22","author":"A Shenton","year":"2004","unstructured":"Shenton A (2004) Strategies for ensuring trustworthiness in qualitative research projects. Educ inform 22(2):63\u201376","journal-title":"Education for information"},{"key":"153_CR76","unstructured":"Sindre G, Opdahl A (2001) Capturing security requirements through misuse cases. Norsk Informatik konferanse (NIK \u201901). http:\/\/www.nik.no"},{"key":"153_CR77","doi-asserted-by":"crossref","unstructured":"Smart D (2002) Increase flexibility and security in prepayment, through the use of a separate consumer interface. In: 9th IET international conference on (Conf. Publ. No. 462) metering and tariffs for energy supply. Birmingham, UK, pp 242\u2013247. doi: 10.1049\/cp:19990145","DOI":"10.1049\/cp:19990145"},{"key":"153_CR78","unstructured":"Software Engineering Institute CMU (2010) SQUARE. https:\/\/buildsecurityin.us-cert.gov\/bsi\/articles\/best-practices\/requirements\/232-bsi.html"},{"key":"153_CR79","unstructured":"Software Engineering Institute CMU (2010) SQUARE. http:\/\/www.cert.org\/sse\/square\/square-faq.html"},{"key":"153_CR80","unstructured":"Software Engineering Institute CMU (2011) http:\/\/www.sei.cmu.edu\/"},{"key":"153_CR81","doi-asserted-by":"crossref","unstructured":"Stoneburner G, Goguen A, Feringa A (2002) Risk management guide for information technology systems. NIST special publication 800, 30","DOI":"10.6028\/NIST.SP.800-30"},{"key":"153_CR82","unstructured":"Stouffer K, Falco J, Scarfone K (2007) Guide to industrial control systems (ICS) security. NIST Special Publication 800, 82"},{"issue":"6","key":"153_CR83","doi-asserted-by":"crossref","first-page":"2104","DOI":"10.1109\/TIA.2009.2031848","volume":"45","author":"H Sui","year":"2009","unstructured":"Sui H, Wang H, Lu M, Lee W (2009) An AMI system for the deregulated electricity markets. IEEE Trans Indus Appl 45(6):2104\u20132108","journal-title":"IEEE Trans Ind Appl"},{"issue":"12","key":"153_CR84","doi-asserted-by":"crossref","first-page":"1072","DOI":"10.1109\/32.738340","volume":"24","author":"A Sutcliffe","year":"1998","unstructured":"Sutcliffe A, Maiden N, Minocha S, Manuel D (1998) Supporting scenario-based requirements engineering. IEEE Trans Softw Eng 24(12):1072\u20131088","journal-title":"IEEE Trans Software Eng"},{"key":"153_CR85","doi-asserted-by":"crossref","unstructured":"Ten C, Govindarasu M, Liu C (2007) Cybersecurity for electric power control and automation systems. In: IEEE international conference on systems, man and cybernetics ISIC. Montreal, Quebec, pp 29\u201334. doi: 10.1109\/ICSMC.2007.4414239","DOI":"10.1109\/ICSMC.2007.4414239"},{"key":"153_CR86","doi-asserted-by":"crossref","unstructured":"Ten CW, Liu CC, Govindarasu M (2007) Vulnerability assessment of cybersecurity for SCADA systems using attack trees. In: IEEE power engineering society general meeting. Tampa, Florida, pp 1\u20138. doi: 10.1109\/PES.2007.385876","DOI":"10.1109\/PES.2007.385876"},{"issue":"4","key":"153_CR87","doi-asserted-by":"crossref","first-page":"853","DOI":"10.1109\/TSMCA.2010.2048028","volume":"40","author":"C Ten","year":"2010","unstructured":"Ten C, Manimaran G, Liu C (2010) Cybersecurity for critical infrastructures: attack and defense modeling. IEEE Trans Syst Man Cybernet Part A Syst Humans 40(4):853\u2013865","journal-title":"IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans"},{"key":"153_CR88","unstructured":"Van Lamsweerde A (2007) Engineering requirements for system reliability and security. NATO Secur Through Sci Series D-Inform Commun Secur 9:196"},{"key":"153_CR89","doi-asserted-by":"crossref","unstructured":"Wang H, Jia Z, Shen Z (2009) Research on security requirements engineering process. In: 16th International conference on industrial engineering and engineering management, IEEM \u201809. Beijing, China, pp 1285\u20131288. doi: 10.1109\/ICIEEM.2009.5344450","DOI":"10.1109\/ICIEEM.2009.5344450"},{"key":"153_CR90","unstructured":"Watts D (2003) Security and vulnerability in electric power systems. In: 35th North American power symposium (NAPS \u201903). University of Missouri Rolla in Rolla, Missouri, USA, pp 559\u2013566"},{"key":"153_CR91","doi-asserted-by":"crossref","unstructured":"Wei D, Lu Y, Jafari M, Skare P, Rohde K (2010) An integrated security system of protecting Smart Grid against cyber attacks. In: IEEE innovative smart grid technologies (ISGT). Gaithersburg, MD, pp 1\u20137. doi: 10.1109\/ISGT.2010.5434767","DOI":"10.1109\/ISGT.2010.5434767"},{"key":"153_CR92","unstructured":"Wiegers K (2003) Software requirements: practical techniques for gathering and managing requirements throughout the product development cycle. Microsoft Press"},{"key":"153_CR93","unstructured":"won Park J, Port D, Boehm B (1999) Supporting distributed collaborative prioritization for winwin requirements capture and negotiations. In: 3rd International world multiconference on systemics, cybernetics and informatics (SCI \u201999), IIIS, vol 2. Orlando, FL, pp 578\u2013584"},{"key":"153_CR94","volume-title":"Joint application design: how to design quality systems in 40 % less time","author":"J Wood","year":"1989","unstructured":"Wood J, Silver D (1989) Joint application design: how to design quality systems in 40 % less time. Wiley, New York"},{"key":"153_CR95","unstructured":"Wright D (2008) Threats and vulnerabilities. Safeguards in a World of Ambient Intelligence. Springer, pp 143\u2013178"},{"key":"153_CR96","unstructured":"Yin R (2003) Case study research: design and methods, volume 5 of applied social research methods series. Sage Publications, Thousand Oaks, USA"},{"key":"153_CR97","unstructured":"Yu E, Mylopoulos J (1998) Why goal-oriented requirements engineering. In: Proceedings of the 4th international workshop on requirements engineering: foundations of software quality. Pisa, Italy, pp 15\u201322"}],"container-title":["Requirements Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-012-0153-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00766-012-0153-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-012-0153-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,5]],"date-time":"2020-07-05T23:41:42Z","timestamp":1593992502000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00766-012-0153-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,4,17]]},"references-count":97,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,9]]}},"alternative-id":["153"],"URL":"https:\/\/doi.org\/10.1007\/s00766-012-0153-4","relation":{},"ISSN":["0947-3602","1432-010X"],"issn-type":[{"value":"0947-3602","type":"print"},{"value":"1432-010X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,4,17]]}}}