{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T23:46:48Z","timestamp":1740181608688,"version":"3.37.3"},"reference-count":27,"publisher":"Springer Science and Business Media LLC","issue":"8","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["SN COMPUT. SCI."],"DOI":"10.1007\/s42979-024-03372-5","type":"journal-article","created":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T13:02:48Z","timestamp":1730725368000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["SST: A Tool to Support the Triage of Security Smells in Microservice Applications"],"prefix":"10.1007","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6411-0511","authenticated-orcid":false,"given":"Francisco","family":"Ponce","sequence":"first","affiliation":[]},{"given":"Andrea","family":"Malnati","sequence":"additional","affiliation":[]},{"given":"Roberto","family":"Negro","sequence":"additional","affiliation":[]},{"given":"Francesca Arcelli","family":"Fontana","sequence":"additional","affiliation":[]},{"given":"Hern\u00e1n","family":"Astudillo","sequence":"additional","affiliation":[]},{"given":"Antonio","family":"Brogi","sequence":"additional","affiliation":[]},{"given":"Jacopo","family":"Soldani","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,11,4]]},"reference":[{"key":"3372_CR1","unstructured":"M\u00e1rquez G, Soldani J, Ponce F, Astudillo H. Frameworks and high-availability in microservices: An industrial survey. In: CIbSE, 2020. pp. 57\u201370."},{"issue":"4","key":"3372_CR2","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/s10664-020-09910-y","volume":"26","author":"Y Wang","year":"2021","unstructured":"Wang Y, Kadiyala H, Rubin J. Promises and challenges of microservices: an exploratory study. Empir Softw Eng. 2021;26(4):63. https:\/\/doi.org\/10.1007\/s10664-020-09910-y.","journal-title":"Empir Softw Eng"},{"key":"3372_CR3","doi-asserted-by":"publisher","unstructured":"Billawa P, Bambhore\u00a0Tukaram A, D\u00edaz\u00a0Ferreyra NE, Stegh\u00f6fer J-P, Scandariato R, Simhandl G. Sok: Security of microservice applications: A practitioners\u2019 perspective on challenges and best practices. In: Proceedings of the 17th international conference on availability, reliability and security. ARES \u201922. Association for Computing Machinery, New York, NY, USA 2022. https:\/\/doi.org\/10.1145\/3538969.3538986","DOI":"10.1145\/3538969.3538986"},{"key":"3372_CR4","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1016\/j.jss.2018.09.082","volume":"146","author":"J Soldani","year":"2018","unstructured":"Soldani J, Tamburri DA, Van Den Heuvel W-J. The pains and gains of microservices: A systematic grey literature review. J Syst Softw. 2018;146:215\u201332. https:\/\/doi.org\/10.1016\/j.jss.2018.09.082.","journal-title":"J Syst Softw"},{"key":"3372_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2022.111393","volume":"192","author":"F Ponce","year":"2022","unstructured":"Ponce F, Soldani J, Astudillo H, Brogi A. Smells and refactorings for microservices security: A multivocal literature review. J Syst Softw. 2022;192: 111393. https:\/\/doi.org\/10.1016\/j.jss.2022.111393.","journal-title":"J Syst Softw"},{"key":"3372_CR6","doi-asserted-by":"publisher","unstructured":"Ponce F, Soldani J, Astudillo H, Brogi A. Should microservice security smells stay or be refactored? towards a trade-off analysis. In: Software architecture. Cham: Springer; 2022. pp. 131\u2013139. https:\/\/doi.org\/10.1007\/978-3-031-16697-6_9","DOI":"10.1007\/978-3-031-16697-6_9"},{"key":"3372_CR7","doi-asserted-by":"publisher","unstructured":"Ponce F, Soldani J, Taramasco C, Astudillo H, Brogi A. To security and beyond: On the impacts of microservice security smells and refactorings. In: 2023 XLIX Latin American Computer Conference (CLEI). IEEE, New York, USA 2023. pp. 1\u201310. https:\/\/doi.org\/10.1109\/CLEI60451.2023.10346146","DOI":"10.1109\/CLEI60451.2023.10346146"},{"key":"3372_CR8","doi-asserted-by":"publisher","unstructured":"Besker T, Martini A, Bosch J. Technical debt triage in backlog management. In: 2019 IEEE\/ACM international conference on technical debt (TechDebt). IEEE, New York, USA 2019. pp. 13\u201322. https:\/\/doi.org\/10.1109\/TechDebt.2019.00010","DOI":"10.1109\/TechDebt.2019.00010"},{"key":"3372_CR9","doi-asserted-by":"publisher","unstructured":"Ponce F, Soldani J, Taramasco C, Astudillo H, Brogi A. Triaging microservice security smells, with triss. In: Proceedings of the 28th international conference on evaluation and assessment in software engineering. EASE \u201924. Association for Computing Machinery, New York, NY, USA 2024. pp. 698\u2013706. https:\/\/doi.org\/10.1145\/3661167.3661282","DOI":"10.1145\/3661167.3661282"},{"key":"3372_CR10","doi-asserted-by":"publisher","unstructured":"Kapferer S, Zimmermann O. Domain-driven service design: Context modeling, model refactoring and contract generation. In: Service-Oriented Computing, Cham: Springer; 2020. pp. 189\u2013208. https:\/\/doi.org\/10.1007\/978-3-030-64846-6_11","DOI":"10.1007\/978-3-030-64846-6_11"},{"key":"3372_CR11","doi-asserted-by":"publisher","unstructured":"Panichella S, Rahman MI, Taibi D. Structural Coupling for Microservices. In: Proceedings of the 11th international conference on cloud computing and services science - CLOSER, SciTePress, Set\u00fabal, Portugal 2021. pp. 280\u2013287. INSTICC https:\/\/doi.org\/10.5220\/0010481902800287","DOI":"10.5220\/0010481902800287"},{"issue":"6","key":"3372_CR12","doi-asserted-by":"publisher","first-page":"459","DOI":"10.1007\/s42979-021-00825-z","volume":"2","author":"J Sorgalla","year":"2021","unstructured":"Sorgalla J, Wizenty P, Rademacher F, Sachweh S, Z\u00fcndorf A. Applying model-driven engineering to stimulate the adoption of devops processes in small and medium-sized development organizations: the case for microservice architecture. SN Comput Sci. 2021;2(6):459. https:\/\/doi.org\/10.1007\/s42979-021-00825-z.","journal-title":"SN Comput Sci"},{"key":"3372_CR13","doi-asserted-by":"publisher","DOI":"10.3390\/fi15070228","author":"G Dell\u2019Immagine","year":"2023","unstructured":"Dell\u2019Immagine G, Soldani J, Brogi A. Kubehound: Detecting microservices\u2019 security smells in kubernetes deployments. Future Internet. 2023. https:\/\/doi.org\/10.3390\/fi15070228.","journal-title":"Future Internet"},{"key":"3372_CR14","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110827","volume":"171","author":"V Lenarduzzi","year":"2021","unstructured":"Lenarduzzi V, Besker T, Taibi D, Martini A, Arcelli Fontana F. A systematic literature review on technical debt prioritization: Strategies, processes, factors, and tools. J Syst Softw. 2021;171: 110827. https:\/\/doi.org\/10.1016\/j.jss.2020.110827.","journal-title":"J Syst Softw"},{"key":"3372_CR15","doi-asserted-by":"publisher","unstructured":"Wizenty P, Ponce F, Rademacher F, Soldani J, Astudillo H, Brogi A, Sachweh S. Towards resolving security smells in microservices, model-driven. In: 18th international conference on software technologies (ICSOFT), SciTePress, Set\u00fabal, Portugal 2023. pp. 15\u201326. INSTICC https:\/\/doi.org\/10.5220\/0012049800003538","DOI":"10.5220\/0012049800003538"},{"key":"3372_CR16","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2023.111829","volume":"206","author":"T Cerny","year":"2023","unstructured":"Cerny T, Abdelfattah AS, Maruf AA, Janes A, Taibi D. Catalog and detection techniques of microservice anti-patterns and bad smells: a tertiary study. J Syst Softw. 2023;206: 111829. https:\/\/doi.org\/10.1016\/j.jss.2023.111829.","journal-title":"J Syst Softw"},{"key":"3372_CR17","doi-asserted-by":"publisher","unstructured":"Haendler T, Sobernig S, Strembeck M. Towards triaging code-smell candidates via runtime scenarios and method-call dependencies. In: Proceedings of the XP2017 scientific workshops. XP \u201917. Association for Computing Machinery, New York, NY, USA 2017. https:\/\/doi.org\/10.1145\/3120459.3120468","DOI":"10.1145\/3120459.3120468"},{"issue":"S2","key":"3372_CR18","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/s13198-020-01001-x","volume":"11","author":"R Malhotra","year":"2020","unstructured":"Malhotra R, Singh P. Exploiting bad-smells and object-oriented characteristics to prioritize classes for refactoring. Int J Syst Assur Eng Manage. 2020;11(S2):133\u201344. https:\/\/doi.org\/10.1007\/s13198-020-01001-x.","journal-title":"Int J Syst Assur Eng Manage"},{"issue":"12","key":"3372_CR19","doi-asserted-by":"publisher","first-page":"2536","DOI":"10.1002\/smr.2536","volume":"35","author":"R Verma","year":"2023","unstructured":"Verma R, Kumar K, Verma HK. Code smell prioritization in object-oriented software systems: a systematic literature review. J Softw Evol Process. 2023;35(12):2536. https:\/\/doi.org\/10.1002\/smr.2536.","journal-title":"J Softw Evol Process"},{"issue":"9","key":"3372_CR20","doi-asserted-by":"publisher","first-page":"9157","DOI":"10.1007\/s13369-021-05766-6","volume":"46","author":"T Alshammari","year":"2021","unstructured":"Alshammari T, Alshayeb M. Toward a software bad smell prioritization model for software maintainability. Arab J Sci Eng. 2021;46(9):9157\u201377. https:\/\/doi.org\/10.1007\/s13369-021-05766-6.","journal-title":"Arab J Sci Eng"},{"key":"3372_CR21","doi-asserted-by":"publisher","unstructured":"Arcelli\u00a0Fontana F, Ferme V, Zanoni M, Roveda R. Towards a prioritization of code debt: A code smell intensity index. In: 2015 IEEE 7th international workshop on managing technical debt (MTD), IEEE, New York, USA 2015. pp. 16\u201324 https:\/\/doi.org\/10.1109\/MTD.2015.7332620","DOI":"10.1109\/MTD.2015.7332620"},{"key":"3372_CR22","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2021.111133","volume":"184","author":"TWW Aung","year":"2022","unstructured":"Aung TWW, Wan Y, Huo H, Sui Y. Multi-triage: a multi-task learning framework for bug triage. J Syst Softw. 2022;184: 111133. https:\/\/doi.org\/10.1016\/j.jss.2021.111133.","journal-title":"J Syst Softw"},{"key":"3372_CR23","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1155\/2022\/4347004","volume":"2022","author":"S Lim","year":"2022","unstructured":"Lim S, Zaidi S, Woo H, Lee C-G. Toward an effective bug triage system using transformers to add new developers. J Sens. 2022;2022:19. https:\/\/doi.org\/10.1155\/2022\/4347004.","journal-title":"J Sens"},{"key":"3372_CR24","doi-asserted-by":"publisher","unstructured":"Pecorelli F, Palomba F, Khomh F, De\u00a0Lucia A. Developer-driven code smell prioritization. In: Proceedings of the 17th international conference on mining software repositories. MSR \u201920, Association for Computing Machinery, New York, NY, USA 2020. pp. 220\u2013231. https:\/\/doi.org\/10.1145\/3379597.3387457","DOI":"10.1145\/3379597.3387457"},{"key":"3372_CR25","doi-asserted-by":"publisher","unstructured":"Sae-Lim N, Hayashi S, Saeki M. Context-based code smells prioritization for prefactoring. In: 2016 IEEE 24th international conference on program comprehension (ICPC), IEEE, New York, USA 2016. pp. 1\u201310. IEEE https:\/\/doi.org\/10.1109\/ICPC.2016.7503705","DOI":"10.1109\/ICPC.2016.7503705"},{"key":"3372_CR26","doi-asserted-by":"publisher","unstructured":"Sae-Lim N, Hayashi S, Saeki M. Revisiting context-based code smells prioritization: on supporting referred context. In: Proceedings of the XP2017 scientific workshops. XP \u201917. Association for Computing Machinery, New York, NY, USA 2017. https:\/\/doi.org\/10.1145\/3120459.3120463","DOI":"10.1145\/3120459.3120463"},{"key":"3372_CR27","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1007\/s10515-014-0175-x","volume":"23","author":"SA Vidal","year":"2016","unstructured":"Vidal SA, Marcos C, D\u00edaz-Pace JA. An approach to prioritize code smells for refactoring. Autom Softw Eng. 2016;23:501\u201332. https:\/\/doi.org\/10.1007\/s10515-014-0175-x.","journal-title":"Autom Softw Eng"}],"container-title":["SN Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-024-03372-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s42979-024-03372-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s42979-024-03372-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T13:18:45Z","timestamp":1730726325000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s42979-024-03372-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":27,"journal-issue":{"issue":"8","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["3372"],"URL":"https:\/\/doi.org\/10.1007\/s42979-024-03372-5","relation":{},"ISSN":["2661-8907"],"issn-type":[{"type":"electronic","value":"2661-8907"}],"subject":[],"published":{"date-parts":[[2024,11,4]]},"assertion":[{"value":"7 September 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 September 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 November 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no relevant financial or non-financial interests to disclose.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Not Applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Research Involving Human and\/or Animals"}},{"value":"Not Applicable.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Informed Consent"}}],"article-number":"1014"}}