{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T03:25:09Z","timestamp":1740108309310,"version":"3.37.3"},"reference-count":21,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2018,8,25]],"date-time":"2018-08-25T00:00:00Z","timestamp":1535155200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100010661","name":"Horizon 2020 Framework Programme","doi-asserted-by":"publisher","award":["690116"],"award-info":[{"award-number":["690116"]}],"id":[{"id":"10.13039\/100010661","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Computing"],"published-print":{"date-parts":[[2019,2]]},"DOI":"10.1007\/s00607-018-0657-y","type":"journal-article","created":{"date-parts":[[2018,8,25]],"date-time":"2018-08-25T07:58:23Z","timestamp":1535183903000},"page":"119-138","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Emulating representative software vulnerabilities using field data"],"prefix":"10.1007","volume":"101","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2916-7571","authenticated-orcid":false,"given":"Raul","family":"Barbosa","sequence":"first","affiliation":[]},{"given":"Frederico","family":"Cerveira","sequence":"additional","affiliation":[]},{"given":"Lu\u00eds","family":"Gon\u00e7alo","sequence":"additional","affiliation":[]},{"given":"Henrique","family":"Madeira","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,25]]},"reference":[{"key":"657_CR1","volume-title":"Compilers: principles, techniques, and tools","author":"AV Aho","year":"2007","unstructured":"Aho AV, Lam MS, Sethi R, Ullman JD (2007) Compilers: principles, techniques, and tools, 2nd edn. Pearson\/Addison-Wesley, Boston","edition":"2"},{"issue":"5","key":"657_CR2","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1145\/1165389.945462","volume":"37","author":"P Barham","year":"2003","unstructured":"Barham P, Dragovic B, Fraser K, Hand S, Harris T, Ho A, Neugebauer R, Pratt I, Warfield A (2003) Xen and the art of virtualization. SIGOPS Oper Syst Rev 37(5):164\u2013177. \n                    https:\/\/doi.org\/10.1145\/1165389.945462","journal-title":"SIGOPS Oper Syst Rev"},{"key":"657_CR3","doi-asserted-by":"crossref","unstructured":"Cerveira F, Barbosa R, Mercier M, Madeira H (2017) On the emulation of vulnerabilities through software fault injection. In: 2017 13th European dependable computing conference (EDCC)","DOI":"10.1109\/EDCC.2017.28"},{"key":"657_CR4","first-page":"359","volume-title":"Handbook of software reliability engineering","author":"R Chillarege","year":"1996","unstructured":"Chillarege R (1996) Orthogonal defect classification. In: Lyu MR (ed) Handbook of software reliability engineering. IEEE CS Press, McGraw-Hill, Washington, New York, pp 359\u2013400"},{"issue":"11","key":"657_CR5","doi-asserted-by":"publisher","first-page":"943","DOI":"10.1109\/32.177364","volume":"18","author":"R Chillarege","year":"1992","unstructured":"Chillarege R, Bhandari IS, Chaar JK, Halliday MJ, Moebus DS, Ray BK, Wong MY (1992) Orthogonal defect classification\u2013a concept for in-process measurements. IEEE Trans Softw Eng 18(11):943\u2013956","journal-title":"IEEE Trans Softw Eng"},{"key":"657_CR6","doi-asserted-by":"crossref","unstructured":"Christmansson J, Chillarege R (1996) Generation of an error set that emulates software faults based on field data. In: Proceedings of the twenty-sixth international symposium on fault-tolerant computing, IEEE, Washington, pp 304\u2013313","DOI":"10.1109\/FTCS.1996.534615"},{"issue":"4","key":"657_CR7","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/MSP.2013.54","volume":"11","author":"D Cotroneo","year":"2013","unstructured":"Cotroneo D, Natella R (2013) Fault injection for software certification. IEEE Secur Priv 11(4):38\u201345. \n                    https:\/\/doi.org\/10.1109\/MSP.2013.54","journal-title":"IEEE Secur Priv"},{"key":"657_CR8","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1016\/j.jss.2015.11.021","volume":"113","author":"D Cotroneo","year":"2016","unstructured":"Cotroneo D, Pietrantuono R, Russo S, Trivedi KS (2016) How do bugs surface? a comprehensive study on the characteristics of software bugs manifestation. J Syst Softw 113:27\u201343","journal-title":"J Syst Softw"},{"issue":"11","key":"657_CR9","doi-asserted-by":"publisher","first-page":"849","DOI":"10.1109\/TSE.2006.113","volume":"32","author":"JA Duraes","year":"2006","unstructured":"Duraes JA, Madeira HS (2006) Emulation of software faults: a field data study and a practical approach. IEEE Trans Softw Eng 32(11):849\u2013867. \n                    https:\/\/doi.org\/10.1109\/TSE.2006.113","journal-title":"IEEE Trans Softw Eng"},{"issue":"3","key":"657_CR10","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1147\/sj.153.0182","volume":"15","author":"ME Fagan","year":"1976","unstructured":"Fagan ME (1976) Design and code inspections to reduce errors in program development. IBM Syst J 15(3):182\u2013211","journal-title":"IBM Syst J"},{"key":"657_CR11","doi-asserted-by":"publisher","unstructured":"Fonseca J, Vieira M (2008) Mapping software faults with web security vulnerabilities. In: 2008 IEEE international conference on dependable systems and networks With FTCS and DCC (DSN), pp 257\u2013266. \n                    https:\/\/doi.org\/10.1109\/DSN.2008.4630094","DOI":"10.1109\/DSN.2008.4630094"},{"key":"657_CR12","doi-asserted-by":"publisher","unstructured":"Fonseca J, Vieira M, Madeira H (2007) Testing and comparing web vulnerability scanning tools for SQL injection and XSS attacks. In: 13th Pacific Rim international symposium on dependable computing (PRDC 2007), pp 365\u2013372. \n                    https:\/\/doi.org\/10.1109\/PRDC.2007.55","DOI":"10.1109\/PRDC.2007.55"},{"key":"657_CR13","doi-asserted-by":"publisher","unstructured":"Fonseca J, Vieira M, Madeira H (2009) Vulnerability & attack injection for web applications. In: 2009 IEEE\/IFIP international conference on dependable systems networks, pp 93\u2013102. \n                    https:\/\/doi.org\/10.1109\/DSN.2009.5270349","DOI":"10.1109\/DSN.2009.5270349"},{"issue":"4","key":"657_CR14","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/2.585157","volume":"30","author":"MC Hsueh","year":"1997","unstructured":"Hsueh MC, Tsai TK, Iyer RK (1997) Fault injection techniques and tools. IEEE Comput 30(4):75\u201382. \n                    https:\/\/doi.org\/10.1109\/2.585157","journal-title":"IEEE Comput"},{"key":"657_CR15","volume-title":"Linux kernel development","author":"R Love","year":"2005","unstructured":"Love R (2005) Linux kernel development, 2nd edn. Novell Press, Provo","edition":"2"},{"key":"657_CR16","volume-title":"SSH Mastery: OpenSSH, PuTTY,tunnels and keys","author":"MW Lucas","year":"2012","unstructured":"Lucas MW (2012) SSH Mastery: OpenSSH, PuTTY,tunnels and keys. Tilted Windmill Press, Michigan"},{"issue":"9","key":"657_CR17","doi-asserted-by":"publisher","first-page":"888","DOI":"10.1109\/32.877848","volume":"26","author":"RA Maxion","year":"2000","unstructured":"Maxion RA, Olszewski RT (2000) Eliminating exception handling errors with dependability cases: a comparative, empirical study. IEEE Trans Software Eng 26(9):888\u2013906. \n                    https:\/\/doi.org\/10.1109\/32.877848","journal-title":"IEEE Trans Software Eng"},{"issue":"4","key":"657_CR18","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1109\/TSE.1976.233837","volume":"SE\u20132","author":"TJ McCabe","year":"1976","unstructured":"McCabe TJ (1976) A complexity measure. IEEE Trans Soft Eng SE\u20132(4):308\u2013320. \n                    https:\/\/doi.org\/10.1109\/TSE.1976.233837","journal-title":"IEEE Trans Soft Eng"},{"issue":"3","key":"657_CR19","doi-asserted-by":"publisher","first-page":"136, 135","DOI":"10.1109\/52.589257","volume":"14","author":"S McConnell","year":"1997","unstructured":"McConnell S (1997) Best practices: Gauging software readiness with defect tracking. IEEE Softw 14(3):136, 135","journal-title":"IEEE Softw"},{"key":"657_CR20","doi-asserted-by":"publisher","unstructured":"Pereira G, Barbosa R, Madeira H (2016) Practical emulation of software defects in source code. In: 2016 12th European dependable computing conference (EDCC), pp 130\u2013140. \n                    https:\/\/doi.org\/10.1109\/EDCC.2016.19","DOI":"10.1109\/EDCC.2016.19"},{"key":"657_CR21","volume-title":"Computer security: principles and practice","author":"W Stallings","year":"2011","unstructured":"Stallings W, Brown L (2011) Computer security: principles and practice, 2nd edn. Prentice-Hall, Inc, Upper Saddle River","edition":"2"}],"container-title":["Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00607-018-0657-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00607-018-0657-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00607-018-0657-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,24]],"date-time":"2019-09-24T03:44:09Z","timestamp":1569296649000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00607-018-0657-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,25]]},"references-count":21,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2019,2]]}},"alternative-id":["657"],"URL":"https:\/\/doi.org\/10.1007\/s00607-018-0657-y","relation":{},"ISSN":["0010-485X","1436-5057"],"issn-type":[{"type":"print","value":"0010-485X"},{"type":"electronic","value":"1436-5057"}],"subject":[],"published":{"date-parts":[[2018,8,25]]},"assertion":[{"value":"30 September 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 August 2018","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 August 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}