{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T15:40:59Z","timestamp":1781019659433,"version":"3.54.1"},"reference-count":110,"publisher":"Springer Science and Business Media LLC","issue":"14","license":[{"start":{"date-parts":[[2023,10,13]],"date-time":"2023-10-13T00:00:00Z","timestamp":1697155200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,10,13]],"date-time":"2023-10-13T00:00:00Z","timestamp":1697155200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Multimed Tools Appl"],"DOI":"10.1007\/s11042-023-17218-4","type":"journal-article","created":{"date-parts":[[2023,10,13]],"date-time":"2023-10-13T01:02:12Z","timestamp":1697158932000},"page":"41847-41866","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Security requirements specification by formal methods: a research metadata analysis"],"prefix":"10.1007","volume":"83","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7060-2600","authenticated-orcid":false,"given":"Aditya Dev","family":"Mishra","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Khurram","family":"Mustafa","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2023,10,13]]},"reference":[{"key":"17218_CR1","doi-asserted-by":"publisher","DOI":"10.1145\/3605948","author":"H Mousavi","year":"2023","unstructured":"Mousavi H, Ebnenasir A, Mahmoudzadeh E (2023) Formal specification, verification, and repair of Contiki\u2019s scheduler. ACM Trans Cyber-Phys Syst. https:\/\/doi.org\/10.1145\/3605948","journal-title":"ACM Trans Cyber-Phys Syst"},{"key":"17218_CR2","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1016\/j.cirpj.2022.04.013","volume":"38","author":"M Dahl","year":"2022","unstructured":"Dahl M, Larsen C, Eros E, Bengtsson K, Fabian M, Falkman P (2022) Interactive formal specification for efficient preparation of intelligent automation systems. CIRP J Manuf Sci Technol 38:129\u2013138. https:\/\/doi.org\/10.1016\/j.cirpj.2022.04.013","journal-title":"CIRP J Manuf Sci Technol"},{"issue":"2","key":"17218_CR3","doi-asserted-by":"publisher","first-page":"108","DOI":"10.37398\/JSR.2022.660214","volume":"66","author":"AD Mishra","year":"2022","unstructured":"Mishra AD, Mustafa K (2022) Formalization of security requirements-a case study on a web-based application. J Sci Res 66(2):108\u2013114. https:\/\/doi.org\/10.37398\/JSR.2022.660214","journal-title":"J Sci Res"},{"key":"17218_CR4","doi-asserted-by":"publisher","unstructured":"Mishra AD, Mustafa K (2022) A review on security requirements specification by formal methods. Concurrency Comput: Pract Exp 34(5). https:\/\/doi.org\/10.1002\/cpe.6702","DOI":"10.1002\/cpe.6702"},{"key":"17218_CR5","unstructured":"Mustafa N, Kamrudin, Sidek S, Junia A, Mani L, Faisal YA, Hadi W (2021) Security requirements template-based approach to improve the writing of complete security requirements. J TheorAppl Inf Technol 99(1):1\u201312"},{"key":"17218_CR6","doi-asserted-by":"publisher","first-page":"110948","DOI":"10.1016\/j.jss.2021.110948","volume":"178","author":"S Liu","year":"2021","unstructured":"Liu S, Miao W (2021) A formal specification animation method for operation validation. J Syst Softw 178:110948. https:\/\/doi.org\/10.1016\/j.jss.2021.110948","journal-title":"J Syst Softw"},{"key":"17218_CR7","doi-asserted-by":"publisher","unstructured":"Mishra AD, Mustafa K (2021) \"A Survey on Formal Specification of Security Requirements,\" 2021 3rd International Conference on Advances in Computing, Communication Control and Networking (ICAC3N), Greater Noida, India, pp. 1453\u20131456. https:\/\/doi.org\/10.1109\/ICAC3N53548.2021.9725779","DOI":"10.1109\/ICAC3N53548.2021.9725779"},{"issue":"7","key":"17218_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3464421","volume":"54","author":"P Tolmach","year":"2021","unstructured":"Tolmach P, Li Y, Lin SW, Liu Y, Li Z (2021) A survey of smart contract formal specification and verification. ACM Comput Surv (CSUR) 54(7):1\u201338. https:\/\/doi.org\/10.1145\/3464421","journal-title":"ACM Comput Surv (CSUR)"},{"key":"17218_CR9","doi-asserted-by":"crossref","unstructured":"Michael JB, Dinolt GW, Drusinsky D (2020) Open questions in formal methods. IEEE Ann History Comput 53(05):81\u201384. https:\/\/doi.ieeecomputersociety.org\/10.1109\/MC.2020.2978567","DOI":"10.1109\/MC.2020.2978567"},{"key":"17218_CR10","doi-asserted-by":"publisher","first-page":"100030","DOI":"10.1016\/j.array.2020.100030","volume":"7","author":"K Mokos","year":"2020","unstructured":"Mokos K, Katsaros P (2020) A survey on the formalisation of system requirements and their validation. Array 7:100030. https:\/\/doi.org\/10.1016\/j.array.2020.100030","journal-title":"Array"},{"key":"17218_CR11","doi-asserted-by":"publisher","first-page":"36164","DOI":"10.1109\/ACCESS.2019.2903133","volume":"7","author":"M Asif","year":"2019","unstructured":"Asif M, Ali I, Malik MSA, Chaudary MH, Tayyaba S, Mahmood MT (2019) Annotation of software requirements specification (SRS), extractions of nonfunctional requirements, and measurement of their tradeoff. IEEE Access 7:36164\u201336176. https:\/\/doi.org\/10.1109\/ACCESS.2019.2903133","journal-title":"IEEE Access"},{"key":"17218_CR12","doi-asserted-by":"publisher","unstructured":"Rouland Q, Hamid B, Bodeveix JP, Filali M, (2019) A formal methods approach to security requirements specification and verification. In 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS) (pp. 236\u2013241). IEEE. https:\/\/doi.org\/10.1109\/ICECCS.2019.00033","DOI":"10.1109\/ICECCS.2019.00033"},{"key":"17218_CR13","doi-asserted-by":"publisher","unstructured":"Nawaz MS, Malik M, Li Y, Sun M, Lali M (2019) A survey on theorem provers in Formal methods. arXiv preprint arXiv:1912.03028. https:\/\/doi.org\/10.48550\/arXiv.1912.03028","DOI":"10.48550\/arXiv.1912.03028"},{"issue":"1","key":"17218_CR14","doi-asserted-by":"publisher","first-page":"38","DOI":"10.25046\/aj030106","volume":"3","author":"Z Zhioua","year":"2018","unstructured":"Zhioua Z, Ameur-Boulifa R, Roudier Y (2018) Framework for the formal specification and verification of security guidelines. Adv Sci, Technol Eng Syst J 3(1):38\u201348","journal-title":"Adv Sci, Technol Eng Syst J"},{"key":"17218_CR15","doi-asserted-by":"crossref","unstructured":"Subburaj VH, Urban JE (2018) Applying formal methods to specify security requirements in multi-agent systems. In: 2018 Federated Conference on Computer Science and Information Systems (FedCSIS). IEEE,\u00a0pp 707\u2013714","DOI":"10.15439\/2018F262"},{"key":"17218_CR16","doi-asserted-by":"publisher","unstructured":"Emeka BO, Liu S (2018) Assessing and extracting software security vulnerabilities in SOFL formal specifications. In 2018 International Conference on Electronics, Information, and Communication (ICEIC) (pp. 1\u20134). IEEE. https:\/\/doi.org\/10.23919\/ELINFOCOM.2018.8330613","DOI":"10.23919\/ELINFOCOM.2018.8330613"},{"key":"17218_CR17","doi-asserted-by":"crossref","unstructured":"Demirel ST, Das R (2018) Software requirement analysis: Research challenges and technical approaches. In: 2018 6th International Symposium on Digital Forensic and Security (ISDFS). IEEE,\u00a0pp 1\u20136","DOI":"10.1109\/ISDFS.2018.8355322"},{"key":"17218_CR18","doi-asserted-by":"publisher","unstructured":"Nawaz MS, Sun M (2018) Reo2PVS: Formal specification and verification of component connectors. In SEKE (pp. 391\u2013390).https:\/\/doi.org\/10.18293\/SEKE2018-024","DOI":"10.18293\/SEKE2018-024"},{"key":"17218_CR19","doi-asserted-by":"publisher","unstructured":"Zhioua Z, Roudier Y, Ameur RB (2017) Formal specification and verification of security guidelines. In 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC) (pp. 267\u2013273) IEEE. https:\/\/doi.org\/10.1109\/PRDC.2017.51","DOI":"10.1109\/PRDC.2017.51"},{"key":"17218_CR20","doi-asserted-by":"publisher","unstructured":"Emeka BO, Liu S (2017) Security requirement engineering using structured object-oriented formal language for M-banking applications. In 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS) (pp. 176\u2013183). IEEE (2017). https:\/\/doi.org\/10.1109\/QRS.2017.28","DOI":"10.1109\/QRS.2017.28"},{"key":"17218_CR21","doi-asserted-by":"publisher","unstructured":"Howard G, Butler M, Colley J, Sassone V (2017) Formal analysis of safety and security requirements of critical systems supported by an extended STPA methodology. In 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) (pp. 174\u2013180). IEEE.https:\/\/doi.org\/10.1109\/EuroSPW.2017.68","DOI":"10.1109\/EuroSPW.2017.68"},{"issue":"1","key":"17218_CR22","doi-asserted-by":"publisher","first-page":"79","DOI":"10.22667\/JOWUA.2017.03.31.079","volume":"8","author":"F Valenza","year":"2017","unstructured":"Valenza F, Su T, Spinoso S, Lioy A, Sisto R, Vallini M (2017) A formal approach for network security policy validation. J Wirel Mob Netw, Ubiquit Comput, Dependable Appl (JoWUA) 8(1):79\u2013100. https:\/\/doi.org\/10.22667\/JOWUA.2017.03.31.079","journal-title":"J Wirel Mob Netw, Ubiquit Comput, Dependable Appl (JoWUA)"},{"key":"17218_CR23","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1016\/j.jlamp.2016.08.006","volume":"87","author":"M Bugliesi","year":"2017","unstructured":"Bugliesi M, Calzavara S, Focardi R (2017) Formal methods for web security. J Logical Algebraic Methods Program 87:110\u2013126. https:\/\/doi.org\/10.1016\/j.jlamp.2016.08.006","journal-title":"J Logical Algebraic Methods Program"},{"key":"17218_CR24","first-page":"2","volume":"3","author":"A Kozachok","year":"2017","unstructured":"Kozachok A, Bochkov M, Lai MT, Kochetkov E (2017) First order logic for program code functional requirements description. Bo\u043fpoc\u044b \u043a\u0438\u0431ep\u0431e\u0437o\u043fac\u043doc\u0442\u0438 3:2\u20137","journal-title":"Bo\u043fpoc\u044b \u043a\u0438\u0431ep\u0431e\u0437o\u043fac\u043doc\u0442\u0438"},{"key":"17218_CR25","doi-asserted-by":"publisher","unstructured":"Rivera J (2017). Cyber security via formal methods: A framework for implementing formal methods. In 2017 International Conference on Cyber Conflict (CyCon US) (pp. 76\u201381) IEEE.https:\/\/doi.org\/10.1109\/CYCONUS.2017.8167500","DOI":"10.1109\/CYCONUS.2017.8167500"},{"key":"17218_CR26","doi-asserted-by":"publisher","unstructured":"Li H, Li X, Hao J, Xu G, Feng Z, Xie X (2017) Fesr: A framework for eliciting security requirements based on integration of common criteria and weakness detection formal model. In 2017 IEEE International Conference on Software Quality, Reliability and Security (QRS) (pp. 352\u2013363).IEEE. https:\/\/doi.org\/10.1109\/QRS.2017.45","DOI":"10.1109\/QRS.2017.45"},{"issue":"8","key":"17218_CR27","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1109\/MC.2016.228","volume":"49","author":"J Voas","year":"2016","unstructured":"Voas J, Schaffer K (2016) Whatever happened to formal methods for security? Computer 49(8):70\u201379. https:\/\/doi.org\/10.1109\/MC.2016.228","journal-title":"Computer"},{"key":"17218_CR28","unstructured":"Chong S, Guttman J, Datta A, Myers A, Pierce B, Schaumont P, Zeldovich N (2016) Report on the NSF workshop on formal methods for security. arXiv preprint arXiv:1608.00678"},{"key":"17218_CR29","doi-asserted-by":"publisher","unstructured":"Subburaj VH, Urban JE (2016) Formal specification language and agent applications. In Intelligent Agents in Data-intensive Computing (pp. 99\u2013122). Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-23742-8_5","DOI":"10.1007\/978-3-319-23742-8_5"},{"key":"17218_CR30","doi-asserted-by":"publisher","unstructured":"Biondi F, Legay A (2016) Security and privacy of protocols and software with formal methods. In International Symposium on Leveraging Applications of Formal Methods (pp. 883\u2013892). Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-319-47166-2_61","DOI":"10.1007\/978-3-319-47166-2_61"},{"issue":"1","key":"17218_CR31","first-page":"64","volume":"11","author":"MR Ramesh","year":"2016","unstructured":"Ramesh MR, Reddy CS (2016) A survey on security requirement elicitation methods: classification, merits and demerits. Int J Appl Eng Res 11(1):64\u201370","journal-title":"Int J Appl Eng Res"},{"key":"17218_CR32","doi-asserted-by":"publisher","unstructured":"Jindal R, Malhotra R, Jain A (2016). Automated classification of security requirements. In 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (pp. 2027\u20132033). IEEE.https:\/\/doi.org\/10.1109\/ICACCI.2016.7732349","DOI":"10.1109\/ICACCI.2016.7732349"},{"issue":"2","key":"17218_CR33","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/s11334-015-0259-1","volume":"12","author":"B Hamid","year":"2016","unstructured":"Hamid B, G\u00fcrgens S, Fuchs A (2016) Security patterns modeling and formalization for pattern-based development of secure software systems. Innov Syst Softw Eng 12(2):109\u2013140. https:\/\/doi.org\/10.1007\/s11334-015-0259-1","journal-title":"Innov Syst Softw Eng"},{"issue":"7","key":"17218_CR34","doi-asserted-by":"publisher","first-page":"1196","DOI":"10.1017\/S0960129514000437","volume":"26","author":"S Boldo","year":"2016","unstructured":"Boldo S, Lelay C, Melquiond G (2016) Formalization of real analysis: A survey of proof assistants and libraries. Math Struct Comput Sci 26(7):1196\u20131233. https:\/\/doi.org\/10.1017\/S0960129514000437","journal-title":"Math Struct Comput Sci"},{"key":"17218_CR35","doi-asserted-by":"publisher","unstructured":"Motii A, Hamid B, Lanusse A, Bruel JM (2015). Guiding the selection of security patterns based on security requirements and pattern classification. In Proceedings of the 20th European Conference on Pattern Languages of Programs (pp. 1\u201317). https:\/\/doi.org\/10.1145\/2855321.2855332","DOI":"10.1145\/2855321.2855332"},{"key":"17218_CR36","doi-asserted-by":"publisher","unstructured":"Mu\u00f1ante D, Chiprianov V, Gallon L, Aniorte P (2014) A review of security requirements engineering methods with respect to risk analysis and model-driven engineering. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Fribourg, Switzerland. pp.79\u201393. https:\/\/doi.org\/10.1007\/978-3-319-10975-6_6","DOI":"10.1007\/978-3-319-10975-6_6"},{"issue":"5","key":"17218_CR37","doi-asserted-by":"publisher","first-page":"1122","DOI":"10.1093\/comjnl\/bxu027","volume":"58","author":"A Affleck","year":"2014","unstructured":"Affleck A, Krishna A, Achuthan NR (2014) Non-functional requirements framework: A mathematical programming approach. Comput J 58(5):1122\u20131139. https:\/\/doi.org\/10.1093\/comjnl\/bxu027","journal-title":"Comput J"},{"key":"17218_CR38","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-04897-0_7","author":"B Hamid","year":"2014","unstructured":"Hamid B, Percebois C (2014) A modeling and formal approach for the precise specification of security patterns. Int Symp Eng. https:\/\/doi.org\/10.1007\/978-3-319-04897-0_7","journal-title":"Int Symp Eng"},{"key":"17218_CR39","doi-asserted-by":"publisher","unstructured":"El-Hadary H, El-Kassas (2014) capturing security requirements for software systems. J Adv Reshttps:\/\/doi.org\/10.1016\/j.jare.2014.03.001","DOI":"10.1016\/j.jare.2014.03.001"},{"issue":"17","key":"17218_CR40","first-page":"12","volume":"90","author":"R Saranya","year":"2014","unstructured":"Saranya R (2014) Survey on security measures of software requirement engineering. Int J Comput Appl 90(17):12","journal-title":"Int J Comput Appl"},{"key":"17218_CR41","doi-asserted-by":"publisher","unstructured":"Lucio L, Zhang Q, Nguyen PH, Amrani M, Klein J, Vangheluwe H, Le Traon Y (2014) Advances in model-driven security. Adv Comput 93:103\u2013152. Elsevier.https:\/\/doi.org\/10.1016\/B978-0-12-800162-2.00003-8","DOI":"10.1016\/B978-0-12-800162-2.00003-8"},{"key":"17218_CR42","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1016\/j.scico.2014.04.002","volume":"96","author":"Y Zhao","year":"2014","unstructured":"Zhao Y, Rozier KY (2014) Formal specification and verification of a coordination protocol for an automated air traffic control system. Sci Comput Program 96:337\u2013353. https:\/\/doi.org\/10.1016\/j.scico.2014.04.002","journal-title":"Sci Comput Program"},{"key":"17218_CR43","doi-asserted-by":"publisher","unstructured":"Armstrong RC, Punnoose RJ, Wong MH, Mayo JR (2014) Survey of existing tools for formal verification. Sandia Report SAND2014\u201320533.https:\/\/doi.org\/10.2172\/1166644","DOI":"10.2172\/1166644"},{"key":"17218_CR44","doi-asserted-by":"publisher","unstructured":"Anand A, Rahli V (2014) Towards a formally verified proof assistant. In International Conference on Interactive Theorem Proving (pp. 27\u201344). Springer, Cham. https:\/\/doi.org\/10.1007\/978-3-319-08970-6_3","DOI":"10.1007\/978-3-319-08970-6_3"},{"issue":"4","key":"17218_CR45","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1145\/2591012","volume":"57","author":"J Avigad","year":"2014","unstructured":"Avigad J, Harrison J (2014) Formally verified mathematics. Commun ACM 57(4):66\u201375. https:\/\/doi.org\/10.1145\/2591012","journal-title":"Commun ACM"},{"key":"17218_CR46","first-page":"77","volume":"36","author":"G Klein","year":"2014","unstructured":"Klein G, Nipkow T (2014) Applications of interactive proof to data flow analysis and security. Softw Syst Safety 36:77\u2013134","journal-title":"Softw Syst Safety"},{"key":"17218_CR47","doi-asserted-by":"publisher","unstructured":"Sa\u00e2daoui A, Souayeh NBYB, Bouhoula A (2014) Formal approach for managing firewall misconfigurations. In 2014 IEEE Eighth International Conference on Research Challenges in Information Science (RCIS) (pp. 1\u201310). IEEE. https:\/\/doi.org\/10.1109\/RCIS.2014.6861044","DOI":"10.1109\/RCIS.2014.6861044"},{"issue":"19","key":"17218_CR48","doi-asserted-by":"publisher","first-page":"4664","DOI":"10.19026\/rjaset.5.4298","volume":"5","author":"S Hussain","year":"2013","unstructured":"Hussain S, Dunne P, Rasool G (2013) (2013): Formal specification of security properties using Z notation. Res J Appl Sci Eng Technol 5(19):4664\u20134670","journal-title":"Res J Appl Sci Eng Technol"},{"issue":"3","key":"17218_CR49","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1007\/s00766-013-0190-7","volume":"19","author":"TD Breaux","year":"2013","unstructured":"Breaux TD, Hibshi H, Rao A (2013) Eddy, a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements. Requirements Eng 19(3):281\u2013307. https:\/\/doi.org\/10.1007\/s00766-013-0190-7","journal-title":"Requirements Eng"},{"issue":"3","key":"17218_CR50","doi-asserted-by":"publisher","first-page":"489","DOI":"10.1109\/JSYST.2012.2222000","volume":"7","author":"L Sassaman","year":"2013","unstructured":"Sassaman L, Patterson ML, Bratus S, Locasto ME (2013) Security applications of formal language theory. IEEE Syst J 7(3):489\u2013500. https:\/\/doi.org\/10.1109\/JSYST.2012.2222000","journal-title":"IEEE Syst J"},{"key":"17218_CR51","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1016\/j.procs.2013.09.263","volume":"20","author":"M Rodano","year":"2013","unstructured":"Rodano M, Giammarco K (2013) A formal method for evaluation of a modeled system architecture. Procedia Comput Sci 20:210\u2013215. https:\/\/doi.org\/10.1016\/j.procs.2013.09.263","journal-title":"Procedia Comput Sci"},{"key":"17218_CR52","doi-asserted-by":"publisher","unstructured":"Ayala-Rinc\u00f3n M, Rego YS (2013) Formalization in PVS of balancing properties necessary for proving security of the Dolev-Yao cascade protocol model. J Formalized Reason 6(1):31\u201361[83].https:\/\/doi.org\/10.6092\/issn.1972-5787\/3720","DOI":"10.6092\/issn.1972-5787\/3720"},{"key":"17218_CR53","unstructured":"Islam G, Qureshi MA (2012) A framework for security requirements elicitation"},{"key":"17218_CR54","doi-asserted-by":"publisher","unstructured":"Amrani M, Lucio L, Selim G, Combemale B, Dingel J, et al (2012) A tridimensional approach for studying the formal verification of model transformations. Verification and validation of model Transformations (VOLT), Montreal, Canada. hal-00684717. https:\/\/doi.org\/10.1109\/ICST.2012.197","DOI":"10.1109\/ICST.2012.197"},{"key":"17218_CR55","unstructured":"Butin DF (2012) Inductive analysis of security protocols in Isabelle\/HOL with applications to electronic voting.\u00a0(Doctoral dissertation, Dublin City University)"},{"key":"17218_CR56","doi-asserted-by":"publisher","unstructured":"Pironti A, Pozza D, Sisto R (2012) Automated formal methods for security protocol engineering. In Cyber Security Standards, Practices and Industrial Applications: Systems and Methodologies (pp. 138\u2013166). IGI Global. https:\/\/doi.org\/10.4018\/978-1-60960-851-4.ch008","DOI":"10.4018\/978-1-60960-851-4.ch008"},{"key":"17218_CR57","doi-asserted-by":"publisher","unstructured":"Cheney J (2011) A formal framework for provenance security. In 2011 IEEE 24th Computer Security Foundations Symposium (pp. 281\u2013293). IEEE.https:\/\/doi.org\/10.1109\/CSF.2011.26","DOI":"10.1109\/CSF.2011.26"},{"key":"17218_CR58","doi-asserted-by":"crossref","unstructured":"Jain S, Ingle M (2011) Software security requirements gathering instrument. Int J Adv Comput Sci Appl (IJACSA) 2(7)","DOI":"10.14569\/IJACSA.2011.020717"},{"key":"17218_CR59","doi-asserted-by":"publisher","first-page":"274","DOI":"10.2197\/ipsjjip.19.274","volume":"19","author":"A Fuchs","year":"2011","unstructured":"Fuchs A, G\u00fcrgens S, Rudolph C (2011) Formal notions of trust and confidentiality-enabling reasoning about system security. J Inf Process 19:274\u2013291. https:\/\/doi.org\/10.2197\/ipsjjip.19.274","journal-title":"J Inf Process"},{"issue":"2","key":"17218_CR60","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/j.scico.2010.03.007","volume":"76","author":"G Li","year":"2011","unstructured":"Li G, Palmer R, DeLisi M, Gopalakrishnan G, Kirby RM (2011) Formal specification of MPI 2.0: Case study in specifying a practical concurrent programming API. Sci Comput Program 76(2):65\u201381. https:\/\/doi.org\/10.1016\/j.scico.2010.03.007","journal-title":"Sci Comput Program"},{"key":"17218_CR61","unstructured":"Harbach MR (2011) Methods and tools for the formal verification of software\u00a0(Doctoral dissertation)"},{"issue":"1","key":"17218_CR62","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1007\/s00766-009-0092-x","volume":"15","author":"B Fabian","year":"2010","unstructured":"Fabian B, G\u00fcrses S, Heisel M, Santen T, Schmidt H (2010) A comparison of security requirements engineering methods. Requirements Eng 15(1):7\u201340. https:\/\/doi.org\/10.1007\/s00766-009-0092-x","journal-title":"Requirements Eng"},{"key":"17218_CR63","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2010.01.006","author":"D Mellado","year":"2010","unstructured":"Mellado D et al (2010) A systematic review of security requirements engineering. Comput Standards Interfaces. https:\/\/doi.org\/10.1016\/j.csi.2010.01.006","journal-title":"Comput Standards Interfaces"},{"key":"17218_CR64","doi-asserted-by":"publisher","unstructured":"Weldemariam K, Kemmerer RA, Villafiorita A (2010). Formal specification and analysis of an e-voting system. In 2010 International Conference on Availability, Reliability and Security (pp. 164\u2013171). IEEE. https:\/\/doi.org\/10.1109\/ARES.2010.83","DOI":"10.1109\/ARES.2010.83"},{"key":"17218_CR65","doi-asserted-by":"publisher","unstructured":"Fuchs A, G\u00fcrgens S, Rudolph C (2010) A formal notion of trust\u2013enabling reasoning about security properties. In IFIP International Conference on Trust Management (pp. 200\u2013215). Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/978-3-642-13446-3_14","DOI":"10.1007\/978-3-642-13446-3_14"},{"key":"17218_CR66","doi-asserted-by":"crossref","unstructured":"Parnas DL (2010) Really rethinking 'formal methods'. Computer 43(1):28\u201334. https:\/\/doi.ieeecomputersociety.org\/10.1109\/MC.2010.74","DOI":"10.1109\/MC.2010.22"},{"key":"17218_CR67","doi-asserted-by":"publisher","unstructured":"Gruner S (2010) FM+ AM\u201909: workshop on formal methods and agile methods. Innov Syst Softw Eng 6(1\u20132):135\u2013136[95]. https:\/\/doi.org\/10.1007\/s11334-009-0101-8","DOI":"10.1007\/s11334-009-0101-8"},{"key":"17218_CR68","volume-title":"Quantification and formalization of security","author":"MR Clarkson","year":"2010","unstructured":"Clarkson MR (2010) Quantification and formalization of security. Cornell University"},{"issue":"4","key":"17218_CR69","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1145\/1592434.1592436","volume":"41","author":"J Woodcock","year":"2009","unstructured":"Woodcock J, Larsen PG, Bicarregui J, Fitzgerald J (2009) Formal methods: Practice and experience. ACM Comput Surv (CSUR) 41(4):19. https:\/\/doi.org\/10.1145\/1592434.1592436","journal-title":"ACM Comput Surv (CSUR)"},{"key":"17218_CR70","doi-asserted-by":"publisher","unstructured":"Sengupta A, Mazumdar C, Bagchi A (2009). A formal methodology for detection of vulnerabilities in an enterprise information system. In 2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009) (pp. 74\u201381). IEEE. https:\/\/doi.org\/10.1109\/CRISIS.2009.5411976","DOI":"10.1109\/CRISIS.2009.5411976"},{"key":"17218_CR71","doi-asserted-by":"crossref","unstructured":"Tschantz MC, Wing JM (2009) Formal methods for privacy. In International Symposium on Formal Methods. Springer, Berlin, Heidelberg,\u00a0pp 1\u201315","DOI":"10.1007\/978-3-642-05089-3_1"},{"key":"17218_CR72","doi-asserted-by":"publisher","unstructured":"Menzel M, Thomas I, Sch\u00fcler B, Schnjakin M, Meinel C (2009) Security requirements specification in process-aware information systems. In ISSE 2009 Securing Electronic Business Processes (pp. 145\u2013154). Vieweg+ Teubner. https:\/\/doi.org\/10.1007\/978-3-8348-9363-5_14","DOI":"10.1007\/978-3-8348-9363-5_14"},{"key":"17218_CR73","doi-asserted-by":"publisher","DOI":"10.1016\/j.entcs.2009.09.001","author":"CL Heitmeyer","year":"2009","unstructured":"Heitmeyer CL (2009) On the role of formal methods in software certification: An experience report. Naval Res Lab Washington DC. https:\/\/doi.org\/10.1016\/j.entcs.2009.09.001","journal-title":"Naval Res Lab Washington DC"},{"issue":"4","key":"17218_CR74","first-page":"325","volume":"2","author":"J Briffaut","year":"2009","unstructured":"Briffaut J, Lalande JF, Toinard C (2009) Formalization of security properties: enforcement for mac operating systems and verification of dynamic mac policies. Int J Adv Secur 2(4):325\u2013343","journal-title":"Int J Adv Secur"},{"key":"17218_CR75","doi-asserted-by":"publisher","unstructured":"Chunlei W, Minhuan H, Ronghui H (2009) Formally analyzing software vulnerability based on model checking. In 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing (Vol. 1, pp. 615\u2013618). IEEE. https:\/\/doi.org\/10.1109\/NSWCTC.2009.104","DOI":"10.1109\/NSWCTC.2009.104"},{"issue":"2","key":"17218_CR76","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1145\/1595453.1595457","volume":"41","author":"S Liu","year":"2009","unstructured":"Liu S, Takahashi K, Hayashi T, Nakayama T (2009) Teaching formal methods in the context of software engineering. ACM SIGCSE Bull 41(2):17\u201323. https:\/\/doi.org\/10.1145\/1595453.1595457","journal-title":"ACM SIGCSE Bull"},{"issue":"1","key":"17218_CR77","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1109\/TSE.2007.70754","volume":"34","author":"C Haley","year":"2008","unstructured":"Haley C, Laney R, Moffett J, Nuseibeh B (2008) Security requirements engineering: A framework for representation and analysis. IEEE Trans Software Eng 34(1):133\u2013153. https:\/\/doi.org\/10.1109\/TSE.2007.70754","journal-title":"IEEE Trans Software Eng"},{"key":"17218_CR78","doi-asserted-by":"publisher","unstructured":"Weiss M, Mouratidis H (2008). Selecting security patterns that fulfill security requirements. In 2008 16th IEEE International Requirements Engineering Conference (pp. 169\u2013172). IEEE.https:\/\/doi.org\/10.1109\/RE.2008.32","DOI":"10.1109\/RE.2008.32"},{"key":"17218_CR79","unstructured":"Matoussi A, Laleau R (2008) A survey of non-functional requirements in software development process. LACL"},{"key":"17218_CR80","doi-asserted-by":"publisher","unstructured":"Ma\u00f1a A, Pujol G (2008) Towards formal specification of abstract security properties. In 2008 Third International Conference on Availability, Reliability and Security (pp. 80\u201387). IEEE. https:\/\/doi.org\/10.1109\/ARES.2008.202","DOI":"10.1109\/ARES.2008.202"},{"key":"17218_CR81","doi-asserted-by":"publisher","unstructured":"Hassan R, Bohner S, El-Kassas S (2008). Formal derivation of security design specifications from security requirements. In Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead (p. 10). ACM.https:\/\/doi.org\/10.1145\/1413140.1413152","DOI":"10.1145\/1413140.1413152"},{"key":"17218_CR82","unstructured":"Hadavi MA, Hamishagi VS, Sangchi HM (2008) Security requirements engineering; State of the art and research challenges. Proc Int MultiConference Eng Comput Sci 1:19\u201321"},{"key":"17218_CR83","volume-title":"Principles of model checking","author":"C Baier","year":"2008","unstructured":"Baier C, Katoen JP, Larsen KG (2008) Principles of model checking. MIT press"},{"issue":"9","key":"17218_CR84","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1145\/1378727.1378742","volume":"51","author":"M Hinchey","year":"2008","unstructured":"Hinchey M, Jackson M, Cousot P, Cook B, Bowen JP, Margaria T (2008) Software engineering and formal methods. Commun ACM 51(9):54\u201359. https:\/\/doi.org\/10.1145\/1378727.1378742","journal-title":"Commun ACM"},{"issue":"2","key":"17218_CR85","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/s11334-008-0051-6","volume":"4","author":"A Cerone","year":"2008","unstructured":"Cerone A, Curzon P (2008) Formal methods for interactive systems. Innov Syst Softw Eng 4(2):123\u2013212. https:\/\/doi.org\/10.1007\/s11334-008-0051-6","journal-title":"Innov Syst Softw Eng"},{"key":"17218_CR86","doi-asserted-by":"publisher","unstructured":"Goertzel KM, Winograd T, McKinley HL, Oh LJ, Colon M, McGibbon T, Vienneau R (2007) Software security assurance: A State-of-Art Report (SAR). Information Assurance Technology Analysis Center (IATAC) Herndon VA. https:\/\/doi.org\/10.21236\/ADA472363","DOI":"10.21236\/ADA472363"},{"key":"17218_CR87","unstructured":"Keele S (2007) Guidelines for performing systematic literature reviews in software engineering (Vol. 5). Technical report, Ver. 2.3 EBSE Technical Report. EBSE"},{"issue":"2","key":"17218_CR88","doi-asserted-by":"publisher","first-page":"618","DOI":"10.1016\/j.dss.2005.05.019","volume":"43","author":"A J\u00f8sang","year":"2007","unstructured":"J\u00f8sang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43(2):618\u2013664. https:\/\/doi.org\/10.1016\/j.dss.2005.05.019","journal-title":"Decis Support Syst"},{"key":"17218_CR89","doi-asserted-by":"publisher","unstructured":"Morimoto S, Shigematsu S, Goto Y, Cheng J (2007). Formal verification of security specifications with common criteria. In Proceedings of the 2007 ACM symposium on Applied computing (pp. 1506\u20131512).https:\/\/doi.org\/10.1145\/1244002.1244325","DOI":"10.1145\/1244002.1244325"},{"issue":"5","key":"17218_CR90","first-page":"619","volume":"13","author":"JR Abrial","year":"2007","unstructured":"Abrial JR (2007) Formal methods: Theory becoming practice. J UCS 13(5):619\u2013628","journal-title":"J UCS"},{"key":"17218_CR91","unstructured":"Jang SJ,\u00a0Ryoo J,\u00a0Lee C (2006) Design of software security verification with formal method tools. Int J Comput Netw Secur\u00a06(9B):163"},{"key":"17218_CR92","doi-asserted-by":"publisher","unstructured":"Haley CB, Moffett JD, Laney R, Nuseibeh B (2006). A framework for security requirements engineering. In Proceedings of the 200 international workshop on Software engineering for secure systems (pp. 35\u201342). ACM.https:\/\/doi.org\/10.1145\/1137627.1137634","DOI":"10.1145\/1137627.1137634"},{"key":"17218_CR93","doi-asserted-by":"crossref","unstructured":"Sodiya AS, Onashoga SA, Ajay\u0129 OB (2006) Towards Building Secure Software Systems. Issues Informing Sci Information Technol 3","DOI":"10.28945\/920"},{"key":"17218_CR94","doi-asserted-by":"publisher","unstructured":"Blazy S, Dargaye Z, Leroy X (2006). Formal verification of a C compiler front-end. In International Symposium on Formal Methods (pp. 460\u2013475). Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/11813040_31","DOI":"10.1007\/11813040_31"},{"key":"17218_CR95","doi-asserted-by":"publisher","unstructured":"De Landtsheer R, Van Lamsweerde A (2005) Reasoning about confidentiality at requirements engineering time. In Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering (pp. 41\u201349). ACM.https:\/\/doi.org\/10.1145\/1081706.1081715","DOI":"10.1145\/1081706.1081715"},{"issue":"4","key":"17218_CR96","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1082983.1083207","volume":"30","author":"J Viega","year":"2005","unstructured":"Viega J (2005) Building security requirements with CLASP. ACM SIGSOFT Softw Eng Notes 30(4):1\u20137. https:\/\/doi.org\/10.1145\/1082983.1083207","journal-title":"ACM SIGSOFT Softw Eng Notes"},{"issue":"5","key":"17218_CR97","doi-asserted-by":"publisher","first-page":"457","DOI":"10.1016\/j.csi.2005.01.004","volume":"27","author":"S G\u00fcrgens","year":"2005","unstructured":"G\u00fcrgens S, Ochsenschl\u00e4ger P, Rudolph C (2005) On a formal framework for security properties. Comput Standards Interf 27(5):457\u2013466. https:\/\/doi.org\/10.1016\/j.csi.2005.01.004","journal-title":"Comput Standards Interf"},{"key":"17218_CR98","doi-asserted-by":"publisher","unstructured":"Giorgini P, Massacci F, Mylopoulos J, Zannone N (2005) Modeling security requirements through ownership, permission and delegation. In 13th IEEE International Conference on Requirements Engineering (RE'05) (pp. 167\u2013176). IEEE. https:\/\/doi.org\/10.1109\/RE.2005.43","DOI":"10.1109\/RE.2005.43"},{"key":"17218_CR99","doi-asserted-by":"publisher","unstructured":"Barthe, G., & Dufay, G. (2005). Formal methods for smartcard security. In Foundations of Security Analysis and Design III (pp. 133\u2013177). Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/11554578_5","DOI":"10.1007\/11554578_5"},{"key":"17218_CR100","doi-asserted-by":"publisher","unstructured":"Haley CB, Laney RC, Nuseibeh B (2004) Deriving security requirements from crosscutting threat descriptions. In: Proceedings of the 3rd international conference on aspect-oriented software development, ACM Press, New York, USA, pp. 112\u2013121.https:\/\/doi.org\/10.1145\/976270.976285","DOI":"10.1145\/976270.976285"},{"key":"17218_CR101","doi-asserted-by":"publisher","unstructured":"Van Lamsweerde A (2004) Elaborating security requirements by construction of intentional anti-models. In Proceedings of the 26th International Conference on Software Engineering (pp. 148\u2013157). IEEE Computer Society.https:\/\/doi.org\/10.1109\/ICSE.2004.1317437","DOI":"10.1109\/ICSE.2004.1317437"},{"key":"17218_CR102","doi-asserted-by":"publisher","unstructured":"Demolombe R (2004) Reasoning about trust: A formal logical framework. In International Conference on Trust Management (pp. 291\u2013303). Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/978-3-540-24747-0_22","DOI":"10.1007\/978-3-540-24747-0_22"},{"key":"17218_CR103","doi-asserted-by":"crossref","unstructured":"Agudo I, Lopez J (2004) Specification and Formal verification of security requirements. In: CompSysTech, pp 1\u20136","DOI":"10.1145\/1050330.1050440"},{"key":"17218_CR104","unstructured":"Chiang CC (2004) Teaching a formal method in a software engineering course. In: Proceedings of the 2nd annual conference on Mid-south college computing, pp 39\u201352"},{"issue":"1","key":"17218_CR105","doi-asserted-by":"publisher","first-page":"53","DOI":"10.5381\/jot.2003.2.1.c6","volume":"2","author":"D Firesmith","year":"2003","unstructured":"Firesmith D (2003) Engineering security requirements. J Object Technol 2(1):53\u201368","journal-title":"J Object Technol"},{"key":"17218_CR106","doi-asserted-by":"publisher","unstructured":"Older S, Chin SK (2002) Formal methods for assuring security of protocols. Comput J 45(1):46\u201354[100]. https:\/\/doi.org\/10.1093\/comjnl\/45.1.46","DOI":"10.1093\/comjnl\/45.1.46"},{"issue":"1","key":"17218_CR107","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1108\/09685220110366768","volume":"9","author":"M Gerber","year":"2001","unstructured":"Gerber M, von Solms R, Overbeek P (2001) Formalizing information security requirements. Inf Manag Comput Secur 9(1):32\u201337. https:\/\/doi.org\/10.1108\/09685220110366768","journal-title":"Inf Manag Comput Secur"},{"key":"17218_CR108","doi-asserted-by":"publisher","unstructured":"Heitmeyer C (2001) Applying Practical formal methods to the specification and analysis of security properties. In International Workshop on Mathematical Methods, Models, and Architectures for Network Security (pp. 84\u201389). Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/3-540-45116-1_11","DOI":"10.1007\/3-540-45116-1_11"},{"key":"17218_CR109","unstructured":"Rushby J (2001) Security requirements specifications: How and what. Symp Requir Eng Inf Secur (SREIS), vol 441"},{"key":"17218_CR110","doi-asserted-by":"publisher","unstructured":"Lamsweerde AV (2000) Formal specification: a roadmap. Proc Conf Fut Softw Eng 147\u2013159. https:\/\/doi.org\/10.1145\/336512.336546","DOI":"10.1145\/336512.336546"}],"container-title":["Multimedia Tools and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-023-17218-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11042-023-17218-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11042-023-17218-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,4,4]],"date-time":"2024-04-04T13:40:39Z","timestamp":1712238039000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11042-023-17218-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,13]]},"references-count":110,"journal-issue":{"issue":"14","published-online":{"date-parts":[[2024,4]]}},"alternative-id":["17218"],"URL":"https:\/\/doi.org\/10.1007\/s11042-023-17218-4","relation":{},"ISSN":["1573-7721"],"issn-type":[{"value":"1573-7721","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,13]]},"assertion":[{"value":"1 February 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 September 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 September 2023","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 October 2023","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest. Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflicts of interest"}}]}}