{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T07:50:34Z","timestamp":1740124234929,"version":"3.37.3"},"reference-count":81,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2019,7,24]],"date-time":"2019-07-24T00:00:00Z","timestamp":1563926400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,7,24]],"date-time":"2019-07-24T00:00:00Z","timestamp":1563926400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Software Qual J"],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.1007\/s11219-019-09454-5","type":"journal-article","created":{"date-parts":[[2019,7,24]],"date-time":"2019-07-24T10:59:40Z","timestamp":1563965980000},"page":"1531-1561","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Quality-centric security pattern mutations"],"prefix":"10.1007","volume":"27","author":[{"given":"Abbas","family":"Javan Jafari","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8668-5650","authenticated-orcid":false,"given":"Abbas","family":"Rasoolzadegan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,7,24]]},"reference":[{"issue":"9","key":"9454_CR1","doi-asserted-by":"publisher","first-page":"1029","DOI":"10.1016\/j.infsof.2012.04.001","volume":"54","author":"J Abramov","year":"2012","unstructured":"Abramov, J., Sturm, A., & Shoval, P. (2012). Evaluation of the pattern-based method for secure development (PbSD): a controlled experiment. Information and Software Technology, 54(9), 1029\u20131043.","journal-title":"Information and Software Technology"},{"key":"9454_CR2","doi-asserted-by":"crossref","unstructured":"Alshammari, B., Fidge, C., & Corney, D. (2009). Security metrics for object-oriented class designs. Quality Software, 2009. QSIC\u201909. 9th International Conference on. IEEE, Jeju, South Korea, (pp. 11\u201320).","DOI":"10.1109\/QSIC.2009.11"},{"key":"9454_CR3","unstructured":"Alshammari, B., Fidge, C., & Corney, D. (2010). Security metrics for object-oriented designs, Software Engineering Conference (ASWEC), 2010 21st Australian. IEEE, Auckland, New Zealand, (pp. 55\u201364)."},{"key":"9454_CR4","first-page":"113","volume-title":"A natural classification scheme for software security patterns, dependable, autonomic and secure computing (DASC), 2011 IEEE Ninth International Conference on. IEEE","author":"AK Alvi","year":"2011","unstructured":"Alvi, A. K., & Zulkernine, M. (2011). A natural classification scheme for software security patterns, dependable, autonomic and secure computing (DASC), 2011 IEEE Ninth International Conference on. IEEE (pp. 113\u2013120)."},{"issue":"7","key":"9454_CR5","doi-asserted-by":"publisher","first-page":"1945","DOI":"10.1016\/j.jss.2013.03.063","volume":"86","author":"A Ampatzoglou","year":"2013","unstructured":"Ampatzoglou, A., Charalampidou, S., & Stamelos, I. (2013). Research state of the art on GoF design patterns: a mapping study. Journal of Systems and Software, 86(7), 1945\u20131964.","journal-title":"Journal of Systems and Software"},{"key":"9454_CR6","unstructured":"Anderson, R. J. (2010). Security engineering: a guide to building dependable distributed systems. John Wiley & Sons."},{"key":"9454_CR7","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1016\/j.jss.2017.01.026","volume":"127","author":"EM Arvanitou","year":"2017","unstructured":"Arvanitou, E. M., Ampatzoglou, A., Chatzigeorgiou, A., Galster, M., & Avgeriou, P. (2017). A mapping study on design-time quality attributes and metrics. Journal of Systems and Software, 127, 52\u201377.","journal-title":"Journal of Systems and Software"},{"issue":"1","key":"9454_CR8","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1109\/32.979986","volume":"28","author":"J Bansiya","year":"2002","unstructured":"Bansiya, J., & Davis, C. G. (2002). A hierarchical model for object-oriented design quality assessment. IEEE Transactions on Software Engineering, 28(1), 4\u201317.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"7","key":"9454_CR9","doi-asserted-by":"publisher","first-page":"651","DOI":"10.1016\/j.infsof.2012.01.008","volume":"54","author":"S Barney","year":"2012","unstructured":"Barney, S., Petersen, K., Svahnberg, M., Aurum, A., & Barney, H. (2012). Software quality trade-offs: a systematic map. Information and Software Technology, 54(7), 651\u2013662.","journal-title":"Information and Software Technology"},{"issue":"1","key":"9454_CR10","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/1125808.1125810","volume":"15","author":"D Basin","year":"2006","unstructured":"Basin, D., Doser, J., & Lodderstedt, T. (2006). Model driven security: from UML models to access control infrastructures. ACM Transactions on Software Engineering and Methodology (TOSEM), 15(1), 39\u201391.","journal-title":"ACM Transactions on Software Engineering and Methodology (TOSEM)"},{"key":"9454_CR11","unstructured":"Bernardi, S., Donatelli, S., & Merseguer, J. (2002). From UML sequence diagrams and statecharts to analysable petri net models, Proceedings of the 3rd international workshop on Software and performance (pp. 35\u201345). ACM."},{"key":"9454_CR12","unstructured":"Blakley, B., & Heath, C. (2004). Security design patterns (1s Edition). The Open Group Security Forum."},{"key":"9454_CR13","doi-asserted-by":"crossref","unstructured":"Bunke, M. (2015). Software-security patterns: degree of maturity. Proceedings of the 20th European Conference on Pattern Languages of Programs,\u00a0Kaufbeuren, Germany, (p. 42). ACM.","DOI":"10.1145\/2855321.2855364"},{"issue":"1","key":"9454_CR14","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1921532.1921561","volume":"36","author":"C Choppy","year":"2011","unstructured":"Choppy, C., Klai, K., & Zidani, H. (2011). Formal verification of UML state diagrams: a petri net based approach. ACM SIGSOFT Software Engineering Notes, 36(1), 1\u20138.","journal-title":"ACM SIGSOFT Software Engineering Notes"},{"key":"9454_CR15","unstructured":"Chung, L., Nixon, B. A., Yu, E., & Mylopoulos, J. (2012). Non-functional requirements in software engineering (1st Edition). Springer Science & Business Media."},{"key":"9454_CR16","unstructured":"Ciria, J. C., Dom\u00ednguez, E., Escario, I., Franc\u00e9s, \u00c1., Lape\u00f1a, M. J., & Zapata, M. A. (2014). The history-based authentication pattern, Proceedings of the 19th European Conference on Pattern Languages of Programs (p. 30). ACM."},{"key":"9454_CR17","unstructured":"de Muijnck-Hughes, J., & Duncan, I. (2012). Thinking towards a pattern language for predicate based encryption crypto-systems, Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on. IEEE,\u00a0Gaithersburg, USA, (pp. 27\u201332)."},{"issue":"12","key":"9454_CR18","doi-asserted-by":"publisher","first-page":"3330","DOI":"10.1109\/TITS.2016.2518745","volume":"17","author":"Z Ding","year":"2016","unstructured":"Ding, Z., Jiang, M., & Zhou, M. (2016). Generating petri net-based behavioral models from textual use cases and application in railway networks. IEEE Transactions on Intelligent Transportation Systems, 17(12), 3330\u20133343.","journal-title":"IEEE Transactions on Intelligent Transportation Systems"},{"issue":"3","key":"9454_CR19","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1016\/j.infsof.2009.10.001","volume":"52","author":"J Dong","year":"2010","unstructured":"Dong, J., Peng, T., & Zhao, Y. (2010). Automated verification of security pattern compositions. Information and Software Technology, 52(3), 274\u2013295.","journal-title":"Information and Software Technology"},{"key":"9454_CR20","unstructured":"Dougherty, C., Sayre, K., Seacord, R., Svoboda, D., & Togashi, K. (2009). Secure design patterns (Technical Report). Software Engineering Institute, Carnegie Mellon University."},{"key":"9454_CR21","unstructured":"Duncan, I., & de Muijnck-Hughes, J. (2014). Security pattern evaluation, Service Oriented System Engineering (SOSE), 2014 IEEE 8th International Symposium on, Oxford, UK, (pp. 428\u2013429). IEEE."},{"key":"9454_CR22","unstructured":"Elahi, G., Yu, E., Li, T., & Liu, L. (2011). Security requirements engineering in the wild: a survey of common practices, Computer Software and Applications Conference (COMPSAC), 2011 IEEE 35th Annual (pp. 314\u2013319). IEEE."},{"key":"9454_CR23","unstructured":"Fernandez, E. B. (2013). Security patterns in practice: designing secure architectures using software patterns (1st Edition). John Wiley & Sons."},{"key":"9454_CR24","unstructured":"Fernandez, E.B., Ortega-Arjona, J.L., 2009. Securing the Adapter pattern, OOPSLA MiniPLoP Conference, Orlando, Florida, USA."},{"key":"9454_CR25","unstructured":"Fernandez, E.B., Pan, R., 2001. A pattern language for security models, International PLoP 2001 Conference, Monticello, Illinois, USA."},{"key":"9454_CR26","unstructured":"Fernandez, E. B., & Sinibaldi, J. (2003). More patterns for operating system access control (pp. 381\u2013398). EuroPLoP."},{"key":"9454_CR27","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Mujica, S., Valenzuela, F., 2011. Two security patterns: least privilege and security logger and auditor, Proceedings of the 2nd Asian Conference on Pattern Languages of Programs. ACM, Tokyo, pp. 1\u20136.","DOI":"10.1145\/2524629.2524638"},{"key":"9454_CR28","unstructured":"Fern\u00e1ndez, E. B., Monge, A. R., Carvajal, R., Encina, O., Hern\u00e1ndez, J., & Silva, P. (2014). Patterns for content-dependent and context-enhanced authorization, Proceedings of the 19th European Conference on Pattern Languages of Programs, Kloster Irsee, Germany, (p. 32). ACM."},{"issue":"3","key":"9454_CR29","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1145\/501978.501980","volume":"4","author":"DF Ferraiolo","year":"2001","unstructured":"Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., & Chandramouli, R. (2001). Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC), 4(3), 224\u2013274.","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"9454_CR30","unstructured":"Fowler, M., 2018. Refactoring homepage (Available at: \nhttps:\/\/refactoring.com\/catalog\/https:\/\/refactoring.com\/catalog\/\n\n)."},{"key":"9454_CR31","unstructured":"Fowler, M., Beck, K., Brant, J., Opdyke, W., & Roberts, D. (1999). Refactoring: improving the design of existing code (1st Edition). Addison-Wesley Professional."},{"key":"9454_CR32","unstructured":"Gamma, E., Johnson, R., Helm, R., & Vlissides, J. (1995). Design patterns: elements of reusable object-oriented software (1st Edition). Addison Wesley."},{"key":"9454_CR33","first-page":"1","volume-title":"Secure chained observer pattern in distributed systems, Proceedings of the 17th Conference on Pattern Languages of Programs","author":"VB Gondi","year":"2010","unstructured":"Gondi, V. B. (2010). Secure chained observer pattern in distributed systems, Proceedings of the 17th Conference on Pattern Languages of Programs, Nevada, USA, (pp. 1\u20139). ACM."},{"key":"9454_CR34","unstructured":"Hafiz, M. (2006). A collection of privacy design patterns, Proceedings of the 2006 conference on Pattern languages of programs, Portland, USA, (pp. 1\u201313). Portland: ACM."},{"key":"9454_CR35","first-page":"769","volume":"43","author":"M Hafiz","year":"2013","unstructured":"Hafiz, M. (2013). A pattern language for developing privacy enhancing technologies. Software: Practice and Experience, 43, 769\u2013787.","journal-title":"Software: Practice and Experience"},{"key":"9454_CR36","unstructured":"Hafiz, M., Adamczyk, P., & Johnson, R. E. (2012). Growing a pattern language (for security), Proceedings of the ACM international symposium on New ideas, new paradigms, and reflections on programming and software (pp. 139\u2013158). ACM."},{"issue":"3","key":"9454_CR37","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s11219-010-9098-3","volume":"18","author":"M Haigh","year":"2010","unstructured":"Haigh, M. (2010). Software quality, non-functional software requirements and IT-business alignment. Software Quality Journal, 18(3), 361\u2013385.","journal-title":"Software Quality Journal"},{"issue":"5","key":"9454_CR38","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1016\/j.cose.2006.03.002","volume":"25","author":"ST Halkidis","year":"2006","unstructured":"Halkidis, S. T., Chatzigeorgiou, A., & Stephanides, G. (2006). A qualitative analysis of software security patterns. Computers & Security, 25(5), 379\u2013392.","journal-title":"Computers & Security"},{"key":"9454_CR39","unstructured":"Hamid, B., Desnos, N., Grepet, C., & Jouvray, C. (2010). Model-based security and dependability patterns in RCES: the TERESA approach, Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems, Vienna, Austria, (p. 8). ACM."},{"key":"9454_CR40","unstructured":"Hamid, B., Geisel, J., Ziani, A., Bruel, J.-M., & Perez, J. (2013). Model-driven engineering for trusted embedded systems based on security and dependability patterns, International SDL Forum, Montreal, Canada, (pp. 72\u201390). Springer."},{"key":"9454_CR41","unstructured":"Hashizume, K., & Fernandez, E. B. (2009). Symmetric encryption and xml encryption patterns, Proceedings of the 16th Conference on Pattern Languages of Programs,\u00a0Chicago, Illinois, USA, (p. 13). ACM."},{"key":"9454_CR42","unstructured":"Heyman, T., Yskout, K., Scandariato, R., & Joosen, W. (2007). An analysis of the security patterns landscape, Proceedings of the Third International Workshop on Software Engineering for Secure Systems (p. 3). IEEE Computer Society."},{"key":"9454_CR43","unstructured":"Howard, M., & LeBlanc, D. (2003). Writing secure code (2nd Edition). Microsoft Press."},{"key":"9454_CR44","first-page":"213","volume-title":"Mapping UML diagrams to a petri net notation for system simulation","author":"Z Hu","year":"2004","unstructured":"Hu, Z., & Shatz, S. M. (2004). Mapping UML diagrams to a petri net notation for system simulation. Software Engineering and Knowledge Engineering (SEKE), Banff, Alberta, Canada, (pp. 213\u2013219)"},{"key":"9454_CR45","unstructured":"Jafari, A. J., & Rasoolzadegan, A. (2016). Securing gang of four design patterns, Proceedings of the 23rd Conference on Pattern Languages of Programs. Monticello, Illinois, USA, (p. 5). ACM."},{"key":"9454_CR46","volume-title":"Security patterns: a systematic mapping study","author":"AJ Jafari","year":"2019","unstructured":"Jafari, A. J., & Rasoolzadegan, A., (2019). Security patterns: a systematic mapping study (submitted for publication)."},{"key":"9454_CR47","unstructured":"Jasiul, B., Szpyrka, M., & \u015aliwa, J. (2014). Malware behavior modeling with colored petri nets, IFIP International Conference on Computer Information Systems and Industrial Management (pp. 667\u2013679). Springer."},{"key":"9454_CR48","unstructured":"J\u00fcrjens, J. (2005). Secure systems development with UML (1st Edition). Springer Science & Business Media."},{"issue":"5-6","key":"9454_CR49","doi-asserted-by":"publisher","first-page":"527","DOI":"10.1007\/s10009-007-0048-8","volume":"9","author":"J J\u00fcrjens","year":"2007","unstructured":"J\u00fcrjens, J., & Shabalin, P. (2007). Tools for secure systems development with UML. International Journal on Software Tools for Technology Transfer, 9(5-6), 527\u2013544.","journal-title":"International Journal on Software Tools for Technology Transfer"},{"key":"9454_CR50","volume-title":"Security patterns repository version 1.0","author":"DM Kienzle","year":"2002","unstructured":"Kienzle, D. M., Elder, M. C., Tyree, D., & Edwards-Hewitt, J. (2002). Security patterns repository version 1.0. Washington DC: DARPA."},{"key":"9454_CR51","unstructured":"Kobashi, T., Yoshioka, N., Okubo, T., Kaiya, H., Washizaki, H., & Fukazawa, Y. (2013). Validating security design patterns application using model testing, availability, Reliability and security (ARES), 2013 Eighth International Conference on,\u00a0Regensburg, Germany, (pp. 62\u201371). IEEE."},{"issue":"4","key":"9454_CR52","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1007\/s10270-006-0030-z","volume":"5","author":"M Koch","year":"2006","unstructured":"Koch, M., & Parisi-Presicce, F. (2006). UML specification of access control policies and their formal verification. Software and Systems Modeling, 5(4), 429\u2013447.","journal-title":"Software and Systems Modeling"},{"key":"9454_CR53","unstructured":"Laverdiere, M., Mourad, A., Hanna, A., & Debbabi, M. (2006). Security design patterns: survey and evaluation, 2006 Canadian Conference on Electrical and Computer Engineering, Ottawa, Ontario, Canada, (pp. 1605\u20131608). IEEE."},{"key":"9454_CR54","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/j.infsof.2016.11.009","volume":"83","author":"T Mariani","year":"2017","unstructured":"Mariani, T., & Vergilio, S. R. (2017). A systematic review on search-based refactoring. Information and Software Technology, 83, 14\u201334.","journal-title":"Information and Software Technology"},{"key":"9454_CR55","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.jss.2016.11.030","volume":"125","author":"BB Mayvan","year":"2017","unstructured":"Mayvan, B. B., Rasoolzadegan, A., & Yazdi, Z. G. (2017). The state of the art on design patterns: a systematic mapping of the literature. Journal of Systems and Software, 125, 93\u2013118.","journal-title":"Journal of Systems and Software"},{"issue":"2","key":"9454_CR56","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1109\/TSE.2004.1265817","volume":"30","author":"T Mens","year":"2004","unstructured":"Mens, T., & Tourw\u00e9, T. (2004). A survey of software refactoring. IEEE Transactions on Software Engineering, 30(2), 126\u2013139.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"1","key":"9454_CR57","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1007\/s10664-013-9283-7","volume":"20","author":"M Misbhauddin","year":"2015","unstructured":"Misbhauddin, M., & Alshayeb, M. (2015). UML model refactoring: a systematic literature review. Empirical Software Engineering, 20(1), 206\u2013251.","journal-title":"Empirical Software Engineering"},{"issue":"6","key":"9454_CR58","doi-asserted-by":"publisher","first-page":"2503","DOI":"10.1007\/s10664-015-9414-4","volume":"21","author":"MW Mkaouer","year":"2016","unstructured":"Mkaouer, M. W., Kessentini, M., Bechikh, S., Cinn\u00e9ide, M. \u00d3., & Deb, K. (2016). On the use of many quality attributes for software refactoring: a many-objective search-based software engineering approach. Empirical Software Engineering, 21(6), 2503\u20132545.","journal-title":"Empirical Software Engineering"},{"key":"9454_CR59","unstructured":"Motii, A., Lanusse, A., Hamid, B., & Bruel, J.-M. (2016). Model-based real-time evaluation of security patterns: A SCADA system case study, International Conference on Computer Safety, Reliability, and Security (pp. 375\u2013389). Springer."},{"key":"9454_CR60","unstructured":"Opdyke, W.F., 1992. Refactoring object-oriented frameworks. PhD Thesis, University of Illinois Urbana-Champaign, IL, USA."},{"key":"9454_CR61","unstructured":"Ortiz, R., Garz\u00e1s, J., & Fern\u00e1ndez-Medina, E. (2011). Analysis of application of security patterns to build secure systems, International Conference on Advanced Information Systems Engineering, London, UK, (pp. 652\u2013659). Springer."},{"key":"9454_CR62","unstructured":"Priebe, T., Fernandez, E. B., Mehlau, J. I., & Pernul, G. (2004). A pattern system for access control, research directions in data and applications security XVIII: 18th Annual Conference on Data and Applications Security July 25\u201328, 2004, Sitges, Spain (pp. 235\u2013249). Boston: Springer US."},{"issue":"2","key":"9454_CR63","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MS.2008.48","volume":"25","author":"B Regnell","year":"2008","unstructured":"Regnell, B., Svensson, R. B., & Olsson, T. (2008). Supporting roadmapping of quality requirements. IEEE Software, 25(2), 42\u201347.","journal-title":"IEEE Software"},{"key":"9454_CR64","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/j.infsof.2015.04.002","volume":"65","author":"M Riaz","year":"2015","unstructured":"Riaz, M., Breaux, T., & Williams, L. (2015). How have we evaluated software pattern application? A systematic mapping study of research design practices. Information and Software Technology, 65, 14\u201338.","journal-title":"Information and Software Technology"},{"issue":"2","key":"9454_CR65","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"RS Sandhu","year":"1996","unstructured":"Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Youman, C. E. (1996). Role-based access control models. Computer, 29(2), 38\u201347.","journal-title":"Computer"},{"key":"9454_CR66","unstructured":"Schumacher, M., Fernandez, E. B., Hybertson, D., Buschmann, F., & Sommerlad, P. (2013). Security patterns: integrating security and systems engineering (1st Edition). John Wiley & Sons."},{"key":"9454_CR67","unstructured":"Smith, B., & Williams, L. (2012). On the effective use of security test patterns, software security and reliability (SERE), 2012 IEEE Sixth International Conference on,\u00a0Gaithersburg, MD, USA, (pp. 108\u2013117). IEEE."},{"key":"9454_CR68","unstructured":"Steel, C., & Nagappan, R. (2006). Core security patterns: best practices and strategies for \u201cJ2EE\u201d, web services, and identity management (1st Edition). Prentice Hall."},{"key":"9454_CR69","doi-asserted-by":"crossref","unstructured":"Steinegger, R. H., Deckers, D., Giessler, P., & Abeck, S. (2016). Risk-based authenticator for web applications. Proceedings of the 21st European Conference on Pattern Languages of Programs,\u00a0Kaufbeuren, Germany, (p. 16). ACM.","DOI":"10.1145\/3011784.3011800"},{"key":"9454_CR70","doi-asserted-by":"crossref","unstructured":"Sultana, K. Z., Williams, B. J., & Bhowmik, T. (2017). A study examining relationships between micro patterns and security vulnerabilities. Software Quality Journal, 27(1), 5-41.","DOI":"10.1007\/s11219-017-9397-z"},{"issue":"3","key":"9454_CR71","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/s11334-008-0065-0","volume":"4","author":"Y Thierry-Mieg","year":"2008","unstructured":"Thierry-Mieg, Y., & Hillah, L.-M. (2008). UML behavioral consistency checking using instantiable petri nets. Innovations in Systems and Software Engineering, 4(3), 293\u2013300.","journal-title":"Innovations in Systems and Software Engineering"},{"issue":"5","key":"9454_CR72","doi-asserted-by":"publisher","first-page":"681","DOI":"10.1016\/j.cose.2012.04.005","volume":"31","author":"AV Uzunov","year":"2012","unstructured":"Uzunov, A. V., Fernandez, E. B., & Falkner, K. (2012). Securing distributed systems using patterns: a survey. Computers & Security, 31(5), 681\u2013703.","journal-title":"Computers & Security"},{"key":"9454_CR73","doi-asserted-by":"crossref","first-page":"809","DOI":"10.1007\/s10270-015-0486-9","volume":"16","author":"A Van Den Berghe","year":"2015","unstructured":"Van Den Berghe, A., Scandariato, R., Yskout, K., & Joosen, W. (2015). Design notations for secure software: a systematic literature review. Software and Systems Modeling, 16, 809\u2013831.","journal-title":"Software and Systems Modeling"},{"issue":"2-3","key":"9454_CR74","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1007\/s11235-011-9424-5","volume":"51","author":"N Yang","year":"2012","unstructured":"Yang, N., Yu, H., Sun, H., & Qian, Z. (2012). Modeling UML sequence diagrams using extended petri nets. Telecommunication Systems, 51(2-3), 147\u2013158.","journal-title":"Telecommunication Systems"},{"key":"9454_CR75","volume-title":"Case study research: design and methods (applied social research methods)","author":"RK Yin","year":"2009","unstructured":"Yin, R. K. (2009). Case study research: design and methods (applied social research methods). London and Singapore: Sage."},{"key":"9454_CR76","unstructured":"Yoder, J., Barcalow, J., 1997. Architectural patterns for enabling application security, 4th Conference on Pattern Languages of Programs (PLoP'97), Monticello, Illinois, USA."},{"key":"9454_CR77","unstructured":"Yskout, K., Scandariato, R., & Joosen, W. (2015). Do security patterns really help designers?, Software Engineering (ICSE), 2015 IEEE\/ACM 37th IEEE International Conference on, Florence, Italy, (pp. 292\u2013302). IEEE."},{"key":"9454_CR78","unstructured":"Yu, S., Wang, C., Ren, K., & Lou, W. (2010). Achieving secure, scalable, and fine-grained data access control in cloud computing, Infocom, 2010 proceedings IEEE,\u00a0San Diego, CA, USA, (pp. 1\u20139). IEEE."},{"issue":"5","key":"9454_CR79","doi-asserted-by":"publisher","first-page":"1213","DOI":"10.1109\/TSE.2011.79","volume":"38","author":"C Zhang","year":"2012","unstructured":"Zhang, C., & Budgen, D. (2012). What do we know about the effectiveness of software design patterns? IEEE Transactions on Software Engineering, 38(5), 1213\u20131231.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"5","key":"9454_CR80","doi-asserted-by":"publisher","first-page":"476","DOI":"10.1109\/TSE.2016.2599161","volume":"43","author":"F Zhang","year":"2017","unstructured":"Zhang, F., Hassan, A. E., McIntosh, S., & Zou, Y. (2017). The use of summation to aggregate software metrics hinders the performance of defect prediction models. IEEE Transactions on Software Engineering, 43(5), 476\u2013491.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"4","key":"9454_CR81","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1007\/s11219-005-4251-0","volume":"13","author":"L Zhu","year":"2005","unstructured":"Zhu, L., Aurum, A., Gorton, I., & Jeffery, R. (2005). Tradeoff and sensitivity analysis in software architecture evaluation using analytic hierarchy process. Software Quality Journal, 13(4), 357\u2013375.","journal-title":"Software Quality Journal"}],"container-title":["Software Quality Journal"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-019-09454-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11219-019-09454-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-019-09454-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,22]],"date-time":"2020-07-22T23:05:45Z","timestamp":1595459145000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11219-019-09454-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,7,24]]},"references-count":81,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["9454"],"URL":"https:\/\/doi.org\/10.1007\/s11219-019-09454-5","relation":{},"ISSN":["0963-9314","1573-1367"],"issn-type":[{"type":"print","value":"0963-9314"},{"type":"electronic","value":"1573-1367"}],"subject":[],"published":{"date-parts":[[2019,7,24]]},"assertion":[{"value":"24 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}