{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T08:35:01Z","timestamp":1772872501881,"version":"3.50.1"},"reference-count":48,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2013,12,3]],"date-time":"2013-12-03T00:00:00Z","timestamp":1386028800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Requirements Eng"],"published-print":{"date-parts":[[2015,6]]},"DOI":"10.1007\/s00766-013-0195-2","type":"journal-article","created":{"date-parts":[[2013,12,2]],"date-time":"2013-12-02T14:52:56Z","timestamp":1385995976000},"page":"163-180","source":"Crossref","is-referenced-by-count":115,"title":["A descriptive study of Microsoft\u2019s threat modeling technique"],"prefix":"10.1007","volume":"20","author":[{"given":"Riccardo","family":"Scandariato","sequence":"first","affiliation":[]},{"given":"Kim","family":"Wuyts","sequence":"additional","affiliation":[]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,12,3]]},"reference":[{"key":"195_CR1","doi-asserted-by":"crossref","unstructured":"Avgeriou P, Grundy J, Hall J, Lago, P, Mistrik I (eds) (2011) Relating software requirements and architectures. Springer, Berlin","DOI":"10.1007\/978-3-642-21001-3"},{"key":"195_CR2","doi-asserted-by":"crossref","unstructured":"Berander P (2004) Using students as subjects in requirements prioritization. In: International symposium on empirical software engineering (ISESE)","DOI":"10.1109\/ISESE.2004.1334904"},{"key":"195_CR3","doi-asserted-by":"crossref","unstructured":"Carver J, Jaccheri L, Morasca S (2010) A checklist for integrating student empirical studies with research and teaching goals. Empir Softw Eng 15(1):35\u201359","DOI":"10.1007\/s10664-009-9109-9"},{"key":"195_CR4","unstructured":"Chandra P, Wohleber T, Feragamo J, Williams J (2007) CLASP v1.2: comprehensive, lightweight application security process. Tech. rep., OWASP"},{"key":"195_CR5","volume-title":"Evaluating software architectures: methods and case studies","author":"P Clements","year":"2001","unstructured":"Clements P, Kazman R, Klein M (2001) Evaluating software architectures: methods and case studies. Addison-Wesley, Reading"},{"issue":"1","key":"195_CR6","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s00766-010-0115-7","volume":"16","author":"M Deng","year":"2011","unstructured":"Deng M, Wuyts K, Scandariato R, Preneel B, Joosen W (2011) A privacy threat analysis framework. Requir Eng 16(1):3\u201332","journal-title":"Requir Eng"},{"key":"195_CR7","doi-asserted-by":"crossref","unstructured":"Dhillon D (2011) Developer-driven threat modeling: lessons learned in the trenches. IEEE Secur Priv 9(4):41\u201347","DOI":"10.1109\/MSP.2011.47"},{"key":"195_CR8","unstructured":"Diallo M, Romero-Mariona J, Sim SE, Alspaugh T, Richardson D (2006) A comparative evaluation of three approaches to specifying security requirements. In: Working conference on requirements engineering: foundation for software quality (REFSQ)"},{"issue":"1","key":"195_CR9","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","volume":"15","author":"B Fabian","year":"2010","unstructured":"Fabian B, G\u00fcrses S, Heisel M, Santen T, Schmidt H (2010) A comparison of security requirements engineering methods. Requir Eng 15(1):7\u201340","journal-title":"Requir Eng"},{"key":"195_CR10","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1016\/S0140-6736(02)07373-7","volume":"359","author":"D Grimes","year":"2002","unstructured":"Grimes D, Schulz K (2002) Descriptive studies: what they can and cannot do. Lancet 359:145\u2013149","journal-title":"Lancet"},{"issue":"1","key":"195_CR11","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1109\/TSE.2007.70754","volume":"34","author":"C Haley","year":"2008","unstructured":"Haley C, Laney R, Moffett J, Nuseibeh B (2008) Security requirements engineering: a framework for representation and analysis. IEEE Trans Softw Eng 34(1):133\u2013153","journal-title":"IEEE Trans Softw Eng"},{"key":"195_CR12","doi-asserted-by":"crossref","unstructured":"Hatebur D, Heisel M, Schmidt H (2007) A pattern system for security requirements engineering. In: International conference on availability, reliability and security (ARES)","DOI":"10.1109\/ARES.2007.12"},{"key":"195_CR13","unstructured":"Hernan S, Lambert S, Ostwald T, Shostack A (2006) Uncover security design flaws using the STRIDE approach. MSDN Mag. http:\/\/msdn.microsoft.com\/en-us\/magazine\/cc163519.aspx"},{"key":"195_CR14","doi-asserted-by":"crossref","unstructured":"Heyman T, Yskout K, Scandariato R, Schmidt H, Yu Y (2011) The security twin peaks. In: International symposium on engineering secure software and systems (ESSoS)","DOI":"10.1007\/978-3-642-19125-1_13"},{"key":"195_CR15","doi-asserted-by":"crossref","unstructured":"Hogganvik I, St\u00f8len K (2005) On the comprehension of security risk scenarios. In: International workshop on program comprehension (IWPC)","DOI":"10.1109\/WPC.2005.27"},{"key":"195_CR16","doi-asserted-by":"crossref","unstructured":"Hogganvik I, St\u00f8len K (2006) A graphical approach to risk identification motivated by empirical investigations. In: International conference on model driven engineering languages and systems (MoDELS)","DOI":"10.1007\/11880240_40"},{"issue":"5","key":"195_CR17","first-page":"916","volume":"51","author":"I Hogganvik","year":"2009","unstructured":"Hogganvik I, Lund M, St\u00f8len K (2009) Reducing the effort to comprehend risk models: textlabels are often preferred over graphical means. Risk Anal 51(5):916\u2013932","journal-title":"Risk Anal"},{"key":"195_CR18","doi-asserted-by":"crossref","unstructured":"H\u00f6st M, Regnell B, Wohlin C (2000) Using students as subjects\u2014a comparative study of students and professionals in lead-time impact assessment. J Empir Softw Eng 5(3):201\u2013214","DOI":"10.1023\/A:1026586415054"},{"key":"195_CR19","volume-title":"The security development lifecycle","author":"M Howard","year":"2006","unstructured":"Howard M, Lipner S (2006) The security development lifecycle. Microsoft Press, Redmond"},{"issue":"1","key":"195_CR20","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1109\/MS.2008.25","volume":"25","author":"J Ingalsbe","year":"2008","unstructured":"Ingalsbe J, Kunimatsu L, Baeten T, Mead N (2008) Threat modeling: diving into the deep end. IEEE Softw 25(1):28\u201334","journal-title":"IEEE Softw"},{"key":"195_CR21","unstructured":"Johnstone M (2010) Threat modelling with STRIDE and UML. In: Australian information security management conference"},{"key":"195_CR22","doi-asserted-by":"crossref","unstructured":"Karpati P, Opdahl A, Sindre G (2011) Experimental comparison of misuse case maps with misuse cases and system architecture diagrams for eliciting security vulnerabilities and mitigations. In: International conference on availability, reliability and security (ARES)","DOI":"10.1109\/ARES.2011.77"},{"key":"195_CR23","doi-asserted-by":"crossref","unstructured":"Karpati P, Sindre G, Matulevicius R (2012) Comparing misuse case and mal-activity diagrams for modelling social engineering attacks. Int J Secur Softw Eng 3(2):54\u201373","DOI":"10.4018\/jsse.2012040103"},{"key":"195_CR24","unstructured":"KU Leuven DigiNews project. http:\/\/goo.gl\/M6xkF"},{"key":"195_CR25","doi-asserted-by":"crossref","unstructured":"Massacci F, Mylopoulos J, Zannone N (2010) Security requirements engineering: the SI* modeling language and the secure tropos methodology. In: Ras ZW, Tsay LS (eds) Advances in intelligent information systems. Springer, New York, pp 147\u2013174","DOI":"10.1007\/978-3-642-05183-8_6"},{"key":"195_CR26","doi-asserted-by":"crossref","DOI":"10.1109\/ISSRE.2006.43","volume-title":"Software security: building security in","author":"G McGraw","year":"2006","unstructured":"McGraw G (2006) Software security: building security in. Addison-Wesley, Reading"},{"key":"195_CR27","unstructured":"McGraw G, Migues S, West J (2013) Building security in maturity model (BSIMM-V). Tech. rep., Cigital"},{"key":"195_CR28","doi-asserted-by":"crossref","unstructured":"Meland P, T\u00f8ndel I, Jensen J (2010) Idea: reusability of threat models\u2014two approaches with an experimental evaluation. In: Engineering secure software and systems (ESSoS)","DOI":"10.1007\/978-3-642-11747-3_9"},{"issue":"4","key":"195_CR29","doi-asserted-by":"crossref","first-page":"153","DOI":"10.1016\/j.csi.2010.01.006","volume":"32","author":"D Mellado","year":"2010","unstructured":"Mellado D, Blanco C, Sanchez LE, Fernandez-Medina E (2010) A systematic review of security requirements engineering. Comput Stand Interface 32(4):153\u2013165","journal-title":"Comput Stand Interface"},{"issue":"2","key":"195_CR30","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1142\/S0218194007003240","volume":"17","author":"H Mouratidis","year":"2007","unstructured":"Mouratidis H, Giorgini P (2007) Secure Tropos: a security-oriented extension of the tropos methodology. Int J Softw Eng Knowl Eng 17(2):285\u2013309","journal-title":"Int J Softw Eng Knowl Eng"},{"key":"195_CR31","unstructured":"Myagmar S, Lee A, Yurcik W (2005) Threat modeling as a basis for security requirements. In: Symposium on requirements engineering for information security (SREIS)"},{"key":"195_CR32","doi-asserted-by":"crossref","unstructured":"Nuseibeh B (2001) Weaving together requirements and architectures. IEEE Comput 34(3):115\u2013119","DOI":"10.1109\/2.910904"},{"issue":"5","key":"195_CR33","doi-asserted-by":"crossref","first-page":"916","DOI":"10.1016\/j.infsof.2008.05.013","volume":"51","author":"AL Opdahl","year":"2009","unstructured":"Opdahl AL, Sindre G (2009) Experimental comparison of attack trees and misuse cases for security threat identification. Inf Softw Technol 51(5):916\u2013932","journal-title":"Inf Softw Technol"},{"key":"195_CR34","unstructured":"OWASP Mobile security project: mobile threat model. https:\/\/www.owasp.org\/index.php\/OWASP_Mobile_Security_Project"},{"key":"195_CR35","doi-asserted-by":"crossref","unstructured":"Paja E, Dalpiaz F, Poggianella M, Roberti P, Giorgini P (2012) STS-Tool: socio-technical security requirements through social commitments. In: International conference on requirements engineering (RE)","DOI":"10.1109\/RE.2012.6345830"},{"key":"195_CR36","unstructured":"Runeson P (2003) Using students as experiment subjects\u2014an analysis on graduate and freshmen student data. In: International conference on empirical assessment in software engineering (EASE)"},{"key":"195_CR37","unstructured":"Scandariato R, Wuyts K, Joosen W Experimental material. https:\/\/sites.google.com\/site\/descriptivestudy\/"},{"key":"195_CR38","doi-asserted-by":"crossref","unstructured":"Schaad A, Borozdin M (2012) TAM2: automated threat analysis. In: Annual ACM symposium on applied computing (SAC)","DOI":"10.1145\/2245276.2231950"},{"key":"195_CR39","unstructured":"Schneier B (1999) Attack trees. Dr. Dobb\u2019s J 24(12):21\u201329"},{"key":"195_CR40","unstructured":"Shostack A (2008) Experiences threat modeling at Microsoft. In: Workshop on modeling security (ModSec)"},{"key":"195_CR41","doi-asserted-by":"crossref","unstructured":"Shostack A (2009) Getting started with the SDL threat modeling tool. MSDN Mag. http:\/\/msdn.microsoft.com\/en-us\/magazine\/dd347831.aspx","DOI":"10.1016\/S1353-4858(09)70008-X"},{"issue":"1","key":"195_CR42","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre G, Opdahl AL (2005) Eliciting security requirements with misuse cases. Requir Eng 10(1):34\u201344","journal-title":"Requir Eng"},{"key":"195_CR43","unstructured":"Sindre G, Opdahl, AL (2002) Templates for misuse case description. In: Workshop on requirements engineering: foundations for software quality (REFSQ)"},{"key":"195_CR44","doi-asserted-by":"crossref","unstructured":"Svahnberg M, Aurum A, Wohlin C (2008) Using students as subjects\u2014an empirical evaluation. In: International symposium on empirical software engineering and measurement (ESEM)","DOI":"10.1145\/1414004.1414055"},{"key":"195_CR45","doi-asserted-by":"crossref","unstructured":"Tichy W (2000) Hints for reviewing empirical work in software engineering. Empir Softw Eng 5(4):309\u2013312","DOI":"10.1023\/A:1009844119158"},{"key":"195_CR46","doi-asserted-by":"crossref","unstructured":"Torr P (2005) Demystifying the threat-modeling process. IEEE Secur Priv 3(5):66\u201370","DOI":"10.1109\/MSP.2005.119"},{"key":"195_CR47","doi-asserted-by":"crossref","unstructured":"Van Lamsweerde A (2004) Elaborating security requirements by construction of intentional anti-models. In: International conference on software engineering (ICSE)","DOI":"10.1109\/ICSE.2004.1317437"},{"key":"195_CR48","unstructured":"Van Landuyt D, Gregoire J, Michiels S, Truyen E, Joosen W (2006) Architectural design of a digital publishing system. Tech. rep., KU Leuven"}],"container-title":["Requirements Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-013-0195-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00766-013-0195-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-013-0195-2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,4]],"date-time":"2019-08-04T09:51:55Z","timestamp":1564912315000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00766-013-0195-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,12,3]]},"references-count":48,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2015,6]]}},"alternative-id":["195"],"URL":"https:\/\/doi.org\/10.1007\/s00766-013-0195-2","relation":{},"ISSN":["0947-3602","1432-010X"],"issn-type":[{"value":"0947-3602","type":"print"},{"value":"1432-010X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,12,3]]}}}