{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,11,25]],"date-time":"2023-11-25T07:04:32Z","timestamp":1700895872278},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2015,3,7]],"date-time":"2015-03-07T00:00:00Z","timestamp":1425686400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int J Softw Tools Technol Transfer"],"published-print":{"date-parts":[[2015,6]]},"DOI":"10.1007\/s10009-015-0371-4","type":"journal-article","created":{"date-parts":[[2015,3,6]],"date-time":"2015-03-06T09:56:14Z","timestamp":1425635774000},"page":"245-250","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["A process for mastering security evolution in the development lifecycle"],"prefix":"10.1007","volume":"17","author":[{"given":"Michael","family":"Felderer","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Basel","family":"Katt","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,3,7]]},"reference":[{"key":"371_CR1","doi-asserted-by":"crossref","first-page":"213","DOI":"10.1016\/0164-1212(79)90022-0","volume":"1","author":"M Lehman","year":"1980","unstructured":"Lehman, M.: On understanding laws, evolution, and conservation in the large-program lifecycle. J. Syst. Softw. 1, 213\u2013221 (1980)","journal-title":"J. Syst. Softw."},{"issue":"1","key":"371_CR2","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/MS.1998.646878","volume":"15","author":"M Lehman","year":"1998","unstructured":"Lehman, M.: Software\u2019s future: managing evolution. IEEE Softw 15(1), 40\u201344 (1998)","journal-title":"IEEE Softw"},{"key":"371_CR3","doi-asserted-by":"crossref","unstructured":"Windm\u00fcller, S., Neubauer, J., Steffen, B., Howar, F., Bauer, O.: Active continuous quality control. In: Proceedings of the 16th international ACM sigsoft symposium on component-based software engineering, pp. 111\u2013120. ACM (2013)","DOI":"10.1145\/2465449.2465469"},{"issue":"1","key":"371_CR4","first-page":"8","volume":"18","author":"D Hein","year":"2009","unstructured":"Hein, D., Saiedian, H.: Secure software engineering: learning from the past to address future challenges. Inf. Secur. J.: Glob. Perspect. 18(1), 8\u201325 (2009)","journal-title":"Inf. Secur. J.: Glob. Perspect."},{"key":"371_CR5","doi-asserted-by":"crossref","first-page":"1152","DOI":"10.1016\/j.infsof.2008.01.010","volume":"51","author":"B Win De","year":"2009","unstructured":"De Win, B., Scandariato, R., Buyens, K., Gr\u00e9goire, J., Joosen, W.: On the secure software development process: clasp, sdl and touchpoints compared. Inf. Softw. Technol. 51, 1152\u20131171 (2009)","journal-title":"Inf. Softw. Technol."},{"key":"371_CR6","doi-asserted-by":"crossref","unstructured":"Gregoire, J., Buyens, K., Win, B.D., Scandariato, R., Joosen, W.: On the secure software development process: clasp and sdl compared. In: Proceedings of the 3rd international workshop on software engineering for secure systems, pp. 1. IEEE Computer Society (2007)","DOI":"10.1109\/SESS.2007.7"},{"key":"371_CR7","unstructured":"Noopur, D.: Secure software development life cycle processes. Technical report, Technical report CMU\/SEI-2005-TN-024, Software Engineering Institute (2006)"},{"issue":"2","key":"371_CR8","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MSECP.2004.1281254","volume":"2","author":"G McGraw","year":"2004","unstructured":"McGraw, G.: Software security. Secur. Priv. IEEE 2(2), 80\u201383 (2004)","journal-title":"Secur. Priv. IEEE"},{"key":"371_CR9","volume-title":"The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software","author":"M Howard","year":"2006","unstructured":"Howard, M., Lipner, S.: The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software. Microsoft Press, Redmond (2006)"},{"key":"371_CR10","doi-asserted-by":"crossref","unstructured":"Kissel, R., Stine, K.M., Scholl, M.A., Rossman, H., Fahlsing, J., Gulick, J.: Sp 800\u201364 rev. 2. Security considerations in the system development life cycle. Technical report, Gaithersburg, MD, United States (2008)","DOI":"10.6028\/NIST.SP.800-64r2"},{"key":"371_CR11","unstructured":"OWASP: Comprehensive, lightweight application security process. http:\/\/www.owasp.org (2006)"},{"key":"371_CR12","first-page":"121990","volume":"610121990","author":"J Radatz","year":"1990","unstructured":"Radatz, J., Geraci, A., Katki, F.: IEEE standard glossary of software engineering terminology. IEEE Stand 610121990, 121990 (1990)","journal-title":"IEEE Stand"},{"key":"371_CR13","doi-asserted-by":"crossref","unstructured":"Kissel, R., Stine, K.M., Scholl, M.A., Rossman, H., Fahlsing, J., Gulick, J.: Sp 800\u201364 rev. 2. Security considerations in the system development life cycle (2008)","DOI":"10.6028\/NIST.SP.800-64r2"},{"issue":"4","key":"371_CR14","doi-asserted-by":"crossref","first-page":"48","DOI":"10.4018\/ijsse.2014100103","volume":"5","author":"M Felderer","year":"2014","unstructured":"Felderer, M., Katt, B., Kalb, P., J\u00fcrjens, J., Ochoa, M., Paci, F., Tun, T.T., Yskout, K., Scandariato, R., Piessens, F., Vanoverberghe, D., Fourneret, E., Gander, M., Solhaug, B., Breu, R.: Evolution of security engineering artifacts: a state of the art survey. Int. J. Secur. Softw. Eng. (IJSSE) 5(4), 48\u201398 (2014)","journal-title":"Int. J. Secur. Softw. Eng. (IJSSE)"},{"issue":"6","key":"371_CR15","doi-asserted-by":"crossref","first-page":"63","DOI":"10.1109\/MSP.2004.95","volume":"2","author":"M Howard","year":"2004","unstructured":"Howard, M.: Building more secure software with improved development processes. IEEE Secur. Priv. 2(6), 63\u201365 (2004)","journal-title":"IEEE Secur. Priv."},{"issue":"4","key":"371_CR16","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1082983.1083207","volume":"30","author":"J Viega","year":"2005","unstructured":"Viega, J.: Building security requirements with CLASP. ACM SIGSOFT Softw Eng Notes 30(4), 1\u20137 (2005)","journal-title":"ACM SIGSOFT Softw Eng Notes"},{"key":"371_CR17","volume-title":"Software Security: Building Security In (Addison-Wesley Software Security Series)","author":"G Mcgraw","year":"2006","unstructured":"Mcgraw, G.: Software Security: Building Security In (Addison-Wesley Software Security Series). Addison-Wesley Professional, Boston (2006)"},{"issue":"3","key":"371_CR18","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1109\/MSP.2004.21","volume":"2","author":"N Davis","year":"2004","unstructured":"Davis, N., Humphrey, W., Redwine Jr, S.T., Zibulski, G., McGraw, G.: Processes for producing secure software. Secur. Priv. IEEE 2(3), 18\u201325 (2004)","journal-title":"Secur. Priv. IEEE"},{"key":"371_CR19","unstructured":"Redwine, T.S., Noopur, D.: Processes to produce secure software. National Cyber Security Summit-USA (2004)"},{"key":"371_CR20","unstructured":"Felderer, M., Agreiter, B., Zech, P., Breu, R.: A classification for model-based security testing. In: VALID 2011, the 3rd international conference on advances in system testing and validation lifecycle, pp. 109\u2013114 (2011)"},{"key":"371_CR21","doi-asserted-by":"crossref","unstructured":"Byers, D., Shahmehri, N.: Design of a process for software security. In: Availability, reliability and security, 2007. ARES 2007. In: The 2nd international conference on, pp. 301\u2013309. IEEE (2007)","DOI":"10.1109\/ARES.2007.67"},{"key":"371_CR22","doi-asserted-by":"crossref","unstructured":"Refsdal, A., Solhaug, B., St\u00f8len, K.: Security risk analysis of system changes exemplified within the oil and gas domain. Int J Softw Tools Technol Transfer (2015, in this issue). doi: 10.1007\/s10009-014-0351-0","DOI":"10.1007\/s10009-014-0351-0"},{"key":"371_CR23","doi-asserted-by":"crossref","unstructured":"Vanoverberghe, D., Piessens, F.: Policy ignorant caller-side inline reference monitoring. Int J Softw Tools Technol Transfer (2015, in this issue). doi: 10.1007\/s10009-014-0348-8","DOI":"10.1007\/s10009-014-0348-8"},{"key":"371_CR24","doi-asserted-by":"crossref","unstructured":"B\u00fcrger, J., J\u00fcrjens, J., Wenzel, S.: Restoring security of evolving software models using graph transformation. Int J Softw Tools Technol Transfer (2015, in this issue). doi: 10.1007\/s10009-014-0364-8","DOI":"10.1007\/s10009-014-0364-8"},{"key":"371_CR25","doi-asserted-by":"crossref","unstructured":"Felderer, M., Fourneret, E.: A systematic classification of security regression testing approaches. Int J Softw Tools Technol Transfer (2015, in this issue). doi: 10.1007\/s10009-015-0365-2","DOI":"10.1007\/s10009-015-0365-2"},{"key":"371_CR26","volume-title":"Model-Driven Risk Analysis: The CORAS Approach","author":"MS Lund","year":"2010","unstructured":"Lund, M.S., Solhaug, B., St\u00f8len, K.: Model-Driven Risk Analysis: The CORAS Approach. Springer Science & Business Media, Berlin (2010)"}],"container-title":["International Journal on Software Tools for Technology Transfer"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10009-015-0371-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10009-015-0371-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10009-015-0371-4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,21]],"date-time":"2019-08-21T18:30:03Z","timestamp":1566412203000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10009-015-0371-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,3,7]]},"references-count":26,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2015,6]]}},"alternative-id":["371"],"URL":"https:\/\/doi.org\/10.1007\/s10009-015-0371-4","relation":{},"ISSN":["1433-2779","1433-2787"],"issn-type":[{"value":"1433-2779","type":"print"},{"value":"1433-2787","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,3,7]]}}}