{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,16]],"date-time":"2025-12-16T12:23:47Z","timestamp":1765887827168,"version":"3.41.0"},"reference-count":72,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2016,9,19]],"date-time":"2016-09-19T00:00:00Z","timestamp":1474243200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Softw Syst Model"],"published-print":{"date-parts":[[2018,10]]},"DOI":"10.1007\/s10270-016-0560-y","type":"journal-article","created":{"date-parts":[[2016,9,19]],"date-time":"2016-09-19T08:18:41Z","timestamp":1474273121000},"page":"1253-1285","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["Holistic security requirements analysis for socio-technical systems"],"prefix":"10.1007","volume":"17","author":[{"given":"Tong","family":"Li","sequence":"first","affiliation":[]},{"given":"Jennifer","family":"Horkoff","sequence":"additional","affiliation":[]},{"given":"John","family":"Mylopoulos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,19]]},"reference":[{"key":"560_CR1","doi-asserted-by":"crossref","unstructured":"Altuhhova, O., Matulevi\u010dius, R., Ahmed, N.: Towards definition of secure business processes. In: Bajec, M., Eder, J. (eds.) Advanced Information Systems Engineering Workshops, pp. 1\u201315. Springer, Berlin (2012)","DOI":"10.1007\/978-3-642-31069-0_1"},{"key":"560_CR2","unstructured":"Araujo, I., Weiss, M.: Linking patterns and non-functional requirements. In: Proceedings of the Ninth Conference on Pattern Language of Programs (PLOP 2002) (2002)"},{"issue":"3","key":"560_CR3","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/jsse.2011070101","volume":"2","author":"Y Asnar","year":"2011","unstructured":"Asnar, Y., Massacci, F., Saidane, A., Riccucci, C., Felici, M., Tedeschi, A., El-Khoury, P., Li, K., S\u00e9guran, M., Zannone, N.: Organizational patterns for security and dependability: from design to application. Int. J. Secur. Softw. Eng. 2(3), 1\u201322 (2011)","journal-title":"Int. J. Secur. Softw. Eng."},{"key":"560_CR4","doi-asserted-by":"crossref","unstructured":"Asnar, Y., Li, T., Massacci, F., Paci, F.: Computer aided threat identification. In: 2011 IEEE 13th Conference on Commerce and Enterprise Computing (CEC), pp. 145\u2013152. IEEE (2011)","DOI":"10.1109\/CEC.2011.13"},{"issue":"3","key":"560_CR5","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1023\/B:AGNT.0000018806.20944.ef","volume":"8","author":"P Bresciani","year":"2004","unstructured":"Bresciani, P., Perini, A., Giorgini, P., Giunchiglia, F., Mylopoulos, J.: Tropos: an agent-oriented software development methodology. Auton. Agents Multi-Agent Syst. 8(3), 203\u2013236 (2004)","journal-title":"Auton. Agents Multi-Agent Syst."},{"key":"560_CR6","unstructured":"Brown, B., Singletary, B., Willke, B., Bennett, C., Highfill, D., Houseman, D., Cleveland, F., Lipson, H., Ivers, J., Gooding, J., et\u00a0al.: Ami System Security Requirements. UCA Int. Users Group, US Dept. Energy, Washington, DC, USA, Tech. Rep. UCAIUG: AMI-SEC-ASAP (2008)"},{"key":"560_CR7","unstructured":"Carpenter, M., Goodspeed, T., Singletary, B., Skoudis, E., Wright, J.: Advanced Metering Infrastructure Attack Methodology. InGuardians white paper (2009)"},{"key":"560_CR8","doi-asserted-by":"crossref","unstructured":"Chung, L.: Dealing with security requirements during the development of information systems. In: Rolland, C., Bodart, F., Cauvet C. (eds.) Advanced Information Systems Engineering. LNCS, vol. 685, pp. 234\u2013251. Springer, Berlin (1993)","DOI":"10.1007\/3-540-56777-1_13"},{"key":"560_CR9","doi-asserted-by":"crossref","first-page":"29","DOI":"10.1007\/11668855_3","volume-title":"Software Engineering Research and Applications, LNCS","author":"L Chung","year":"2006","unstructured":"Chung, L., Supakkul, S.: Representing nfrs and frs: a goal-oriented and use case driven approach. In: Dosch, W., Lee, R., Wu, C. (eds.) Software Engineering Research and Applications, LNCS, vol. 3647, pp. 29\u201341. Springer, Berlin (2006)"},{"key":"560_CR10","unstructured":"Cuellar, J., Suppan, S.: A smart metering scenario. In: Network of Excellence on Engineering Secure Future Internet Software Services and Systems, eRISE, vol. 2013, (2013)"},{"key":"560_CR11","doi-asserted-by":"crossref","unstructured":"Cui, X., Paige, R.: An integrated framework for system\/software requirements development aligning with business motivations. In: 2012 IEEE\/ACIS 11th International Conference on Computer and Information Science (ICIS), pp. 547\u2013552 (2012)","DOI":"10.1109\/ICIS.2012.32"},{"issue":"10","key":"560_CR12","doi-asserted-by":"crossref","first-page":"1142","DOI":"10.1016\/j.infsof.2012.04.005","volume":"54","author":"JMC Gea De","year":"2012","unstructured":"De Gea, J.M.C., Nicol\u00e1s, J., Alem\u00e1n, J.L.F., Toval, A., Ebert, C., Vizca\u00edno, A.: Requirements engineering tools: capabilities, survey and assessment. Inf. Softw. Technol. 54(10), 1142\u20131157 (2012)","journal-title":"Inf. Softw. Technol."},{"issue":"3","key":"560_CR13","doi-asserted-by":"crossref","first-page":"364","DOI":"10.1145\/261124.261126","volume":"22","author":"T Eiter","year":"1997","unstructured":"Eiter, T., Gottlob, G., Mannila, H.: Disjunctive datalog. ACM Trans. Database Syst. (TODS) 22(3), 364\u2013418 (1997)","journal-title":"ACM Trans. Database Syst. (TODS)"},{"key":"560_CR14","doi-asserted-by":"crossref","unstructured":"Estrada, H., Rebollar, A.M., Pastor, O., Mylopoulos, J.: An empirical evaluation of the i* framework in a model-based software generation environment. In: Dubois, E., Pohl, K. (eds.) Advanced Information Systems Engineering, pp. 513\u2013527. Springer, Berlin (2006)","DOI":"10.1007\/11767138_34"},{"key":"560_CR15","unstructured":"Fernandez, E.B.: Two patterns for web services security. In: International Conference on Internet Computing, pp. 801\u2013807 (2004)"},{"key":"560_CR16","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Ballesteros, J., Desouza-Doucet, A.C., Larrondo-Petrie, M.M.: Security patterns for physical access control systems. In: Barker, S., Ahn G.J. (eds.) Data and Applications Security XXI, pp. 259\u2013274. Springer, Berlin (2007)","DOI":"10.1007\/978-3-540-73538-0_19"},{"key":"560_CR17","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Fonoage, M., VanHilst, M., Marta, M.: The secure three-tier architecture pattern. In: CISIS, pp. 555\u2013560 (2008)","DOI":"10.1109\/CISIS.2008.51"},{"key":"560_CR18","volume-title":"Security Patterns in Practice: Designing Secure Architectures Using Software Patterns","author":"E Fernandez-Buglioni","year":"2013","unstructured":"Fernandez-Buglioni, E.: Security Patterns in Practice: Designing Secure Architectures Using Software Patterns. Wiley, New York (2013)"},{"issue":"1","key":"560_CR19","doi-asserted-by":"crossref","first-page":"61","DOI":"10.5381\/jot.2004.3.1.c6","volume":"3","author":"D Firesmith","year":"2004","unstructured":"Firesmith, D.: Specifying Reusable Security Requirements. J. Object Technol. 3(1), 61\u201375 (2004)","journal-title":"J. Object Technol."},{"key":"560_CR20","volume-title":"Securing the Smart Grid: Next Generation Power Grid Security","author":"T Flick","year":"2010","unstructured":"Flick, T., Morehouse, J.: Securing the Smart Grid: Next Generation Power Grid Security. Elsevier, Amsterdam (2010)"},{"key":"560_CR21","doi-asserted-by":"crossref","unstructured":"Giorgini, P., Massacci, F., Zannone, N.: Security and trust requirements engineering. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) Foundations of Security Analysis and Design III. LNCS, vol. 3655, pp. 237\u2013272. Springer, Berlin (2005)","DOI":"10.1007\/11554578_8"},{"issue":"1","key":"560_CR22","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1007\/s007660170013","volume":"6","author":"D Gross","year":"2001","unstructured":"Gross, D., Yu, E.: From non-functional requirements to design through patterns. Requir. Eng. 6(1), 18\u201336 (2001)","journal-title":"Requir. Eng."},{"issue":"4","key":"560_CR23","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1109\/MS.2007.114","volume":"24","author":"M Hafiz","year":"2007","unstructured":"Hafiz, M., Adamczyk, P., Johnson, R.E.: Organizing security patterns. IEEE Softw. 24(4), 52\u201360 (2007)","journal-title":"IEEE Softw."},{"key":"560_CR24","doi-asserted-by":"crossref","unstructured":"Haley, C.B., Laney, R.C., Nuseibeh, B.: Deriving security requirements from crosscutting threat descriptions. In: Proceedings of the 3rd International Conference on Aspect-Oriented Software Development, pp. 112\u2013121. ACM, New York (2004)","DOI":"10.1145\/976270.976285"},{"key":"560_CR25","first-page":"121","volume":"8","author":"P Halleux","year":"2008","unstructured":"Halleux, P., Mathieu, L., Andersson, B.: A method to support the alignment of business models and goal models. Proc. BUSITAL 8, 121 (2008)","journal-title":"Proc. BUSITAL"},{"key":"560_CR26","unstructured":"Haren, V.: TOGAF Version 9.1. Van Haren Publishing, Berlin (2011)"},{"key":"560_CR27","unstructured":"Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Threat modeling-uncover security design flaws using the stride approach. In: MSDN Magazine-Louisville, pp. 68\u201375 (2006)"},{"issue":"3\u20134","key":"560_CR28","doi-asserted-by":"crossref","first-page":"305","DOI":"10.1007\/s10660-006-8677-7","volume":"6","author":"P Herrmann","year":"2006","unstructured":"Herrmann, P., Herrmann, G.: Security requirement analysis of business processes. Electron. Commer. Res. 6(3\u20134), 305\u2013335 (2006)","journal-title":"Electron. Commer. Res."},{"key":"560_CR29","doi-asserted-by":"crossref","unstructured":"Heyman, T., Yskout, K., Scandariato, R., Joosen, W.: An analysis of the security patterns landscape. In: Proceedings of the Third International Workshop on Software Engineering for Secure Systems (SESS), pp. 3\u201310. IEEE Computer Society (2007)","DOI":"10.1109\/SESS.2007.4"},{"key":"560_CR30","doi-asserted-by":"crossref","unstructured":"Horkoff, J., Aydemir, F.B., Li, F.L., Li, T., Mylopoulos, J.: Evaluating modeling languages: an example from the requirements domain. In: Conceptual Modeling (ER 2014), pp. 260\u2013274. Springer, Berlin (2014)","DOI":"10.1007\/978-3-319-12206-9_21"},{"issue":"2","key":"560_CR31","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/IJISMD.2015040101","volume":"6","author":"J Horkoff","year":"2015","unstructured":"Horkoff, J., Li, T., Li, F.L., Salnitri, M., Cardoso, E., Giorgini, P., Mylopoulos, J.: Using goal models downstream: a systematic roadmap and literature review. Int. J. Inf. Syst. Model. Des. 6(2), 1\u201342 (2015)","journal-title":"Int. J. Inf. Syst. Model. Des."},{"key":"560_CR32","doi-asserted-by":"crossref","unstructured":"Horkoff, J., Li, T., Li, F.L., Salnitri, M., Cardoso, E., Giorgini, P., Mylopoulos, J., Pimentel, J.: Taking goal models downstream: a systematic roadmap. In: 2014 IEEE Eighth International Conference on Research Challenges in Information Science (RCIS), pp. 1\u201312. IEEE (2014)","DOI":"10.1109\/RCIS.2014.6861036"},{"key":"560_CR33","doi-asserted-by":"crossref","unstructured":"Horkoff, J., Yu, E.: Finding solutions in goal models: an interactive backward reasoning approach. In: Parsons, J., Saeki, M., Shoval, P., Woo, C., Wand, Y. (eds.) Conceptual Modeling-ER 2010, pp. 59\u201375. Springer, Berlin (2010)","DOI":"10.1007\/978-3-642-16373-9_5"},{"key":"560_CR34","doi-asserted-by":"crossref","unstructured":"Horkoff, J., Yu, E.: Analyzing goal models: different approaches and how to choose among them. In: Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 675\u2013682. ACM, New York (2011)","DOI":"10.1145\/1982185.1982334"},{"issue":"3","key":"560_CR35","doi-asserted-by":"crossref","first-page":"199","DOI":"10.1007\/s00766-011-0143-y","volume":"18","author":"J Horkoff","year":"2013","unstructured":"Horkoff, J., Yu, E.: Comparison and evaluation of goal-oriented satisfaction analysis techniques. Requir. Eng. 18(3), 199\u2013222 (2013)","journal-title":"Requir. Eng."},{"key":"560_CR36","unstructured":"ISO\/IEC 27002: Information Technology\u2014Security Techniques\u2014Code of Practice for Information Security Management (2005)"},{"key":"560_CR37","unstructured":"ISO\/IEC 27000: 2012 Information Technology\u2014Security Techniques\u2014Information Security Management Systems\u2014Overview and Vocabulary. http:\/\/www.27000.org\/ (2012)"},{"key":"560_CR38","doi-asserted-by":"crossref","unstructured":"Jureta, I., Borgida, A., Ernst, N., Mylopoulos, J.: Techne: Towards a new generation of requirements modeling languages with goals, preferences, and inconsistency handling. In: Proceedings of the RE\u201910, pp. 115\u2013124 (2010)","DOI":"10.1109\/RE.2010.24"},{"key":"560_CR39","volume-title":"The Art of Computer Programming: Sorting and Searching","author":"DE Knuth","year":"1998","unstructured":"Knuth, D.E.: The Art of Computer Programming: Sorting and Searching, vol. 3. Pearson Education, New York (1998)"},{"key":"560_CR40","doi-asserted-by":"crossref","unstructured":"Lankhorst, M.M., Proper, H.A., Jonkers, H.: The architecture of the archimate language. In: Halpin, T., Krogstie, J., Nurcan, S., Proper, E., Schmidt, R., Soffer, P., Ukor, R. (eds.) Enterprise, Business-Process and Information Systems Modeling, pp. 367\u2013380. Springer, Berlin (2009)","DOI":"10.1007\/978-3-642-01862-6_30"},{"issue":"3","key":"560_CR41","doi-asserted-by":"crossref","first-page":"311","DOI":"10.1007\/s10664-005-1290-x","volume":"10","author":"TC Lethbridge","year":"2005","unstructured":"Lethbridge, T.C., Sim, S.E., Singer, J.: Studying software engineers: data collection techniques for software field studies. Empir. Softw. Eng. 10(3), 311\u2013341 (2005)","journal-title":"Empir. Softw. Eng."},{"key":"560_CR42","doi-asserted-by":"crossref","unstructured":"Li, T., Horkoff, J.: Dealing with security requirements for socio-technical systems: a holistic approach. In: Advanced Information Systems Engineering (CAiSE 2014), pp. 185\u2013200. Springer, Berlin (2014)","DOI":"10.1007\/978-3-319-07881-6_20"},{"key":"560_CR43","doi-asserted-by":"crossref","unstructured":"Li, T., Horkoff, J., Mylopoulos, J.: Integrating security patterns with security requirements analysis using contextual goal models. In: The Practice of Enterprise Modeling (PoEM 2014), pp. 208\u2013223. Springer, Berlin (2014)","DOI":"10.1007\/978-3-662-45501-2_15"},{"key":"560_CR44","unstructured":"Li, T., Horkoff, J., Mylopoulos, J.: A prototype tool for modeling and analyzing security requirements from a holistic viewpoint. In: The CAiSE\u201914 Forum at the 26th International Conference on Advanced Information Systems Engineering, pp. 185\u2013192 (2014)"},{"key":"560_CR45","doi-asserted-by":"crossref","unstructured":"Li, T., Horkoff, J., Mylopoulos, J.: Analyzing and enforcing security mechanisms on requirements specification. In: Requirements Engineering: Foundation for Software Quality (REFSQ 2015). Springer, Berlin (2015)","DOI":"10.1007\/978-3-319-16101-3_8"},{"key":"560_CR46","doi-asserted-by":"crossref","unstructured":"Liu, L., Yu, E., Mylopoulos, J.: Security and privacy requirements analysis within a social setting. In: Proceedings of the RE\u201903, vol.\u00a03, pp. 151\u2013161. Monterey, CA (2003)","DOI":"10.1109\/ICRE.2003.1232746"},{"key":"560_CR47","doi-asserted-by":"crossref","unstructured":"Massacci, F., Paci, F.: How to select a security requirements method? A comparative study with students and practitioners. In: J\u00f8sang, A., Carlsson, B. (eds.) Secure IT Systems, pp. 89\u2013104. Springer, Berlin (2012)","DOI":"10.1007\/978-3-642-34210-3_7"},{"key":"560_CR48","doi-asserted-by":"crossref","unstructured":"Menzel, M., Thomas, I., Meinel, C.: Security requirements specification in service-oriented business process management. In: Proceedings of International Conference on Availability, Reliability and Security, 2009 (ARES\u201909), pp. 41\u201348. IEEE (2009)","DOI":"10.1109\/ARES.2009.90"},{"issue":"3","key":"560_CR49","doi-asserted-by":"crossref","first-page":"331","DOI":"10.4304\/jsw.6.3.331-339","volume":"6","author":"H Mouratidis","year":"2011","unstructured":"Mouratidis, H.: Secure software systems engineering: the secure tropos approach. J. Softw. 6(3), 331\u2013339 (2011)","journal-title":"J. Softw."},{"key":"560_CR50","unstructured":"Mouratidis, H., Giorgini, P.: A natural extension of tropos methodology for modelling security. In: Proceedings of the Agent Oriented Methodologies Workshop (OOPSLA 2002), Citeseer (2002)"},{"issue":"8","key":"560_CR51","doi-asserted-by":"crossref","first-page":"813","DOI":"10.1002\/int.20432","volume":"25","author":"H Mouratidis","year":"2010","unstructured":"Mouratidis, H., Jurjens, J.: From goal-driven security requirements engineering to secure design. Int. J. Intell. Syst. 25(8), 813\u2013840 (2010)","journal-title":"Int. J. Intell. Syst."},{"key":"560_CR52","unstructured":"NIST: Roadmap for Smart Grid Interoperability Standards, Release 2.0. NIST Special Publication 1108R2 (2012)"},{"key":"560_CR53","doi-asserted-by":"crossref","unstructured":"Paja, E., Dalpiaz, F., Giorgini, P.: Managing security requirements conflicts in socio-technical systems. In: Ng, W., Storey, V.C., Trujillo, J.C. (eds.) Conceptual Modeling, pp. 270\u2013283. Springer, Berlin (2013)","DOI":"10.1007\/978-3-642-41924-9_23"},{"issue":"4","key":"560_CR54","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1007\/s00766-011-0126-z","volume":"17","author":"J Pimentel","year":"2012","unstructured":"Pimentel, J., Lucena, M., Castro, J., Silva, C., Santos, E., Alencar, F.: Deriving software architectural models from requirements models for adaptive systems: the stream-a approach. Requir. Eng. 17(4), 259\u2013281 (2012)","journal-title":"Requir. Eng."},{"issue":"6","key":"560_CR55","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1218776.1218783","volume":"31","author":"P Ranjan","year":"2006","unstructured":"Ranjan, P., Misra, A.K.: Agent based system development: a domain-specific goal approach. ACM SIGSOFT Softw. Eng. Notes 31(6), 1\u20136 (2006)","journal-title":"ACM SIGSOFT Softw. Eng. Notes"},{"key":"560_CR56","doi-asserted-by":"crossref","unstructured":"Rodr\u00edguez, A., Fern\u00e1ndez-Medina, E., Trujillo, J., Piattini, M.: Secure business process model specification through a UML 2.0 activity diagram profile. Decis. Support Syst. 51(3):446\u2013465 (2011)","DOI":"10.1016\/j.dss.2011.01.018"},{"key":"560_CR57","doi-asserted-by":"crossref","unstructured":"Rodr\u00edguez, A., de Guzm\u00e1n, I.G.R., Fern\u00e1ndez-Medina, E., Piattini, M.: Semi-formal transformation of secure business processes into analysis class and use case models: an mda approach. Inf. Softw. Technol. 52(9), 945\u2013971 (2010)","DOI":"10.1016\/j.infsof.2010.03.015"},{"issue":"2","key":"560_CR58","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1007\/s10664-008-9102-8","volume":"14","author":"P Runeson","year":"2009","unstructured":"Runeson, P., H\u00f6st, M.: Guidelines for conducting and reporting case study research in software engineering. Empir. Softw. Eng. 14(2), 131\u2013164 (2009)","journal-title":"Empir. Softw. Eng."},{"key":"560_CR59","unstructured":"Scandariato, R., Yskout, K., Heyman, T., Joosen, W.: Architecting Software with Security Patterns. Tech. rep, KU Leuven (2008)"},{"issue":"12","key":"560_CR60","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees. Dr. Dobb\u2019s J. 24(12), 21\u201329 (1999)","journal-title":"Dr. Dobb\u2019s J."},{"key":"560_CR61","volume-title":"Security Patterns: Integrating Security and Systems Engineering","author":"M Schumacher","year":"2013","unstructured":"Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating Security and Systems Engineering. Wiley, New York (2013)"},{"issue":"1","key":"560_CR62","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requir. Eng. 10(1), 34\u201344 (2005)","journal-title":"Requir. Eng."},{"key":"560_CR63","doi-asserted-by":"crossref","unstructured":"Souag, A., Mazo, R., Salinesi, C., Comyn-Wattiau, I.: Reusable knowledge in security requirements engineering: a systematic mapping study. Requir. Eng. 21(2), 251\u2013283 (2016)","DOI":"10.1007\/s00766-015-0220-8"},{"issue":"3","key":"560_CR64","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1007\/s00766-012-0153-4","volume":"18","author":"H Suleiman","year":"2013","unstructured":"Suleiman, H., Svetinovic, D.: Evaluating the effectiveness of the security quality requirements engineering (square) method: a case study using smart grid advanced metering infrastructure. Requir. Eng. 18(3), 251\u2013279 (2013)","journal-title":"Requir. Eng."},{"key":"560_CR65","unstructured":"TOG: Mapping the togaf adm to the zachman framework (2002). http:\/\/www.opengroup.org\/architecture\/0210can\/togaf8\/doc-review\/togaf8cr\/c\/p4\/zf\/zf_mapping.htm"},{"issue":"20","key":"560_CR66","first-page":"2920","volume":"18","author":"AV Uzunov","year":"2012","unstructured":"Uzunov, A.V., Fernandez, E.B., Falkner, K.: Engineering security into distributed systems: a survey of methodologies. J. UCS 18(20), 2920\u20133006 (2012)","journal-title":"J. UCS"},{"key":"560_CR67","doi-asserted-by":"crossref","first-page":"112","DOI":"10.1016\/j.csi.2015.02.011","volume":"41","author":"AV Uzunov","year":"2015","unstructured":"Uzunov, A.V., Fernandez, E.B., Falkner, K.: Ase: a comprehensive pattern-driven security methodology for distributed systems. Comput. Stand. Interfaces 41, 112\u2013137 (2015)","journal-title":"Comput. Stand. Interfaces"},{"issue":"10","key":"560_CR68","doi-asserted-by":"crossref","first-page":"978","DOI":"10.1109\/32.879820","volume":"26","author":"A Lamsweerde Van","year":"2000","unstructured":"Van Lamsweerde, A., Letier, E.: Handling obstacles in goal-oriented requirements engineering. IEEE Trans. Softw. Eng. 26(10), 978\u20131005 (2000)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"560_CR69","unstructured":"Yoder, J., Barcalow, J.: Architectural patterns for enabling application security. In: Fourth Conference on Patterns Languages of Programs (PLoP\u201997) (1997)"},{"key":"560_CR70","doi-asserted-by":"crossref","unstructured":"Yu, E.: Towards modelling and reasoning support for early-phase requirements engineering. In: Proceedings of the Third IEEE International Symposium on Requirement Engineering, pp. 226\u2013235. IEEE Computer Society Press (1997)","DOI":"10.1109\/ISRE.1997.566873"},{"issue":"3","key":"560_CR71","doi-asserted-by":"crossref","first-page":"276","DOI":"10.1147\/sj.263.0276","volume":"26","author":"JA Zachman","year":"1987","unstructured":"Zachman, J.A.: A framework for information systems architecture. IBM Syst. J. 26(3), 276\u2013292 (1987)","journal-title":"IBM Syst. J."},{"issue":"1","key":"560_CR72","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/237432.237434","volume":"6","author":"P Zave","year":"1997","unstructured":"Zave, P., Jackson, M.: Four dark corners of requirements engineering. ACM Trans. Softw. Eng. Methodol. 6(1), 1\u201330 (1997)","journal-title":"ACM Trans. Softw. Eng. Methodol."}],"container-title":["Software & Systems Modeling"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10270-016-0560-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10270-016-0560-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10270-016-0560-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,10]],"date-time":"2025-06-10T19:55:17Z","timestamp":1749585317000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10270-016-0560-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,9,19]]},"references-count":72,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2018,10]]}},"alternative-id":["560"],"URL":"https:\/\/doi.org\/10.1007\/s10270-016-0560-y","relation":{},"ISSN":["1619-1366","1619-1374"],"issn-type":[{"type":"print","value":"1619-1366"},{"type":"electronic","value":"1619-1374"}],"subject":[],"published":{"date-parts":[[2016,9,19]]}}}