{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,7,17]],"date-time":"2023-07-17T06:21:45Z","timestamp":1689574905918},"reference-count":36,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2014,8,13]],"date-time":"2014-08-13T00:00:00Z","timestamp":1407888000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Requirements Eng"],"published-print":{"date-parts":[[2016,3]]},"DOI":"10.1007\/s00766-014-0208-9","type":"journal-article","created":{"date-parts":[[2014,8,12]],"date-time":"2014-08-12T04:17:13Z","timestamp":1407817033000},"page":"1-27","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Using security robustness analysis for early-stage validation of functional security requirements"],"prefix":"10.1007","volume":"21","author":[{"given":"Mohamed","family":"El-Attar","sequence":"first","affiliation":[]},{"given":"Hezam Akram","family":"Abdul-Ghani","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2014,8,13]]},"reference":[{"key":"208_CR1","volume-title":"Secure systems development with UML","author":"J J\u00fcrjens","year":"2005","unstructured":"J\u00fcrjens J, Juerjens J (2005) Secure systems development with UML. Springer, Berlin"},{"key":"208_CR2","doi-asserted-by":"crossref","unstructured":"Sauv\u00e9 JP, Abath Neto OL, Cirne W (2006) Easyaccept: a tool to easily create, run and drive development with automated acceptance tests. In: Proceedings on 2006 international workshop automation and software testing ACM, pp 111\u2013117","DOI":"10.1145\/1138929.1138951"},{"key":"208_CR3","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1145\/42404.42408","volume":"31","author":"MM Mantei","year":"1988","unstructured":"Mantei MM, Teorey TJ (1988) Cost\/benefit analysis for incorporating human factors in the software lifecycle. Commun ACM 31:428\u2013439","journal-title":"Commun ACM"},{"key":"208_CR4","unstructured":"Cohn M (2004) User stories applied: for agile software development. Addison-Wesley Professional, Reading"},{"key":"208_CR5","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre G, Opdahl AL (2005) Eliciting security requirements with misuse cases. Requir Eng 10:34\u201344","journal-title":"Requir Eng"},{"key":"208_CR6","doi-asserted-by":"crossref","unstructured":"Alexander I (2002) Initial industrial experience of misuse cases in trade-off analysis. In: Requirement Engineering 2002\u2014proceedings on IEEE joint international conference, pp 61\u201368","DOI":"10.1109\/ICRE.2002.1048506"},{"key":"208_CR7","unstructured":"Den Braber F, Dimitrakos T, Gran BA et al (2002) Model-based risk management using UML and UP. Issues Trends Inf Technol Manag Contemp Organ"},{"key":"208_CR8","unstructured":"Houmb SH, Den Braber F, Lund MS, St\u00f8len K (2002) Towards a UML profile for model-based risk assessment. In: Critical system development with UML\u2014proceedings UML\u201902 workshop. Citeseer, pp 79\u201391"},{"key":"208_CR9","doi-asserted-by":"crossref","first-page":"294","DOI":"10.1016\/j.infsof.2013.10.004","volume":"56","author":"P Karpati","year":"2014","unstructured":"Karpati P, Redda Y, Opdahl AL, Sindre G (2014) Comparing attack trees and misuse cases in an industrial setting. Inf Softw Technol 56:294\u2013308. doi: 10.1016\/j.infsof.2013.10.004","journal-title":"Inf Softw Technol"},{"key":"208_CR10","doi-asserted-by":"crossref","first-page":"1124","DOI":"10.1016\/j.jss.2012.12.002","volume":"86","author":"C Raspotnig","year":"2013","unstructured":"Raspotnig C, Opdahl A (2013) Comparing risk identification techniques for safety and security requirements. J Syst Softw 86:1124\u20131151","journal-title":"J Syst Softw"},{"key":"208_CR11","unstructured":"Sindre G, Opdahl AL, Brevik GF (2002) Generalization\/specialization as a structuring mechanism for misuse cases. Proc. 2nd symposium on requirements engineering: information security SREIS\u201902, Raleigh, North Carol"},{"key":"208_CR12","unstructured":"Sindre G, Opdahl AL (2001) Templates for misuse case description. In: Proceedings of 7th international workshop on requirements engineering: foundation for software quality. REFSQ2001 Switz"},{"key":"208_CR13","unstructured":"Kroll P, Kruchten P (2003) The rational unified process made easy: a practitioner\u2019s guide to the RUP. Addison-Wesley Professional, Reading"},{"key":"208_CR14","doi-asserted-by":"crossref","unstructured":"Kulak D, Guiney E (2000) Use cases: requirements in context. Addison-Wesley, Reading","DOI":"10.1145\/505894.505926"},{"key":"208_CR15","doi-asserted-by":"crossref","unstructured":"Basanieri F, Bertolino A, Marchetti E (2002) The cow_suite approach to planning and deriving test suites in UML projects.\u00a0\u226a\u00a0UML\u00a0\u226b\u00a02002\u2014unified modeling language. Springer, Berlin, pp 383\u2013397","DOI":"10.1007\/3-540-45800-X_30"},{"key":"208_CR16","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1007\/s10270-002-0004-8","volume":"1","author":"L Briand","year":"2002","unstructured":"Briand L, Labiche Y (2002) A UML-based approach to system testing. Softw Syst Model 1:10\u201342","journal-title":"Softw Syst Model"},{"key":"208_CR17","doi-asserted-by":"crossref","first-page":"140","DOI":"10.1109\/TSE.2006.22","volume":"32","author":"C Nebut","year":"2006","unstructured":"Nebut C, Fleurey F, Le Traon Y, Jezequel J-M (2006) Automatic test generation: a use case driven approach. Softw Eng IEEE Trans 32:140\u2013155","journal-title":"Softw Eng IEEE Trans"},{"key":"208_CR18","unstructured":"Ryser J, Glinz M (1999) A scenario-based approach to validating and testing software systems using statecharts. In: Proceedings 12th international conference on software, systems engineering and their application."},{"key":"208_CR19","unstructured":"International Institute of Business Analysts: Business Analysts Body of Knowledge. www.iiba.org\/babok-guide.aspx . Version 2.0. Last accessed March 2014"},{"issue":"11","key":"208_CR20","doi-asserted-by":"crossref","first-page":"2538","DOI":"10.4304\/jsw.7.11.2538-2552","volume":"7","author":"M El-Attar","year":"2012","unstructured":"El-Attar M, Elish MO, Mahmood S, Miller J (2012) Is in-depth object-oriented knowledge necessary to develop quality robustness diagrams? J. Softw 7(11):2538\u20132552","journal-title":"J. Softw"},{"key":"208_CR21","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1007\/s00766-009-0088-6","volume":"15","author":"M El-Attar","year":"2010","unstructured":"El-Attar M, Miller J (2010) Developing comprehensive acceptance tests from use cases and robustness diagrams. Requir Eng 15:285\u2013306","journal-title":"Requir Eng"},{"key":"208_CR22","doi-asserted-by":"crossref","unstructured":"Sindre G (2007) Mal-activity diagrams for capturing attacks on business processes. Requirements engineering: foundation for software quality. Springer, Berlin, pp 355\u2013366","DOI":"10.1007\/978-3-540-73031-6_27"},{"key":"208_CR23","unstructured":"Kariyuki, S. et al (2011) Acceptance testing based on relationships among use cases. In: Proceedings of 5th world congress for software quality, 2011."},{"key":"208_CR24","doi-asserted-by":"crossref","unstructured":"Stephens M, Rosenberg D (2010) Design Driven Testing: Test Smarter, Not Harder. Apress","DOI":"10.1007\/978-1-4302-2944-5"},{"key":"208_CR25","doi-asserted-by":"crossref","unstructured":"Roubtsov S (2006) Use case-based acceptance testing of a large industrial system: approach and experience report. In: Proceedings of testing: academic and industrial conference\u2014practice and research techniques, 2006","DOI":"10.1109\/TAIC-PART.2006.36"},{"key":"208_CR26","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1007\/s10270-012-0240-5","volume":"13","author":"M El-Attar","year":"2014","unstructured":"El-Attar M (2014) From misuse cases to mal-activity diagrams: bridging the gap between functional security analysis and design. Softw Syst Model 13:173\u2013190. doi: 10.1007\/s10270-012-0240-5","journal-title":"Softw Syst Model"},{"key":"208_CR27","doi-asserted-by":"crossref","unstructured":"Dik SC (1997) The theory of functional grammar: the structure of the clause. Walter de Gruyter","DOI":"10.1515\/9783110218367"},{"key":"208_CR28","unstructured":"El-Attar M (2010) Developing precise misuse cases with security robustness analysis. SEKE. pp 571\u2013576"},{"key":"208_CR29","volume-title":"Use case driven object modeling with UML","author":"D Rosenberg","year":"1999","unstructured":"Rosenberg D, Scott K (1999) Use case driven object modeling with UML. Springer, Berlin"},{"key":"208_CR30","unstructured":"Mugridge R, Cunningham W (2005) Fit for developing software: framework for integrated tests. Pearson Education"},{"key":"208_CR31","unstructured":"Selenium Browser Automation: Selenium IDE. http:\/\/docs.seleniumhq.org\/ . Version 2.5.0. Last Accessed Mach 2014"},{"key":"208_CR32","doi-asserted-by":"crossref","first-page":"65","DOI":"10.5381\/jot.2009.8.3.a1","volume":"8","author":"D Kundu","year":"2009","unstructured":"Kundu D, Samanta D (2009) A novel approach to generate test cases from UML activity diagrams. J Object Technol 8:65\u201383","journal-title":"J Object Technol"},{"key":"208_CR33","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1109\/MS.1996.536464","volume":"13","author":"B Beizer","year":"1996","unstructured":"Beizer B, Wiley J (1996) Black box testing: techniques for functional testing of software and systems. IEEE Softw 13:98","journal-title":"IEEE Softw"},{"key":"208_CR34","first-page":"81","volume":"2000","author":"M Kutar","year":"2000","unstructured":"Kutar M, Britton C, Wilson J (2000) Cognitive dimensions an experience report. Proceedings of the twelfth annual meeting of the Psychology of Programming Interest Group, Memoria, Cozenza Italy 2000:81\u201398","journal-title":"Proceedings of the twelfth annual meeting of the Psychology of Programming Interest Group, Memoria, Cozenza Italy"},{"key":"208_CR35","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4615-4625-2","volume-title":"Experimentation in software engineering\u2014an introduction","author":"C Wohlin","year":"2000","unstructured":"Wohlin C et al (2000) Experimentation in software engineering\u2014an introduction. Kluwer, Dordrecht"},{"key":"208_CR36","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1016\/j.jss.2011.08.023","volume":"85","author":"M El-Attar","year":"2012","unstructured":"El-Attar M (2012) Towards developing consistent misuse case models. J Syst Softw 85:323\u2013339","journal-title":"J Syst Softw"}],"container-title":["Requirements Engineering"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-014-0208-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00766-014-0208-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00766-014-0208-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T20:22:42Z","timestamp":1565727762000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00766-014-0208-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,8,13]]},"references-count":36,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2016,3]]}},"alternative-id":["208"],"URL":"https:\/\/doi.org\/10.1007\/s00766-014-0208-9","relation":{},"ISSN":["0947-3602","1432-010X"],"issn-type":[{"value":"0947-3602","type":"print"},{"value":"1432-010X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,8,13]]}}}