{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T03:12:28Z","timestamp":1778728348031,"version":"3.51.4"},"reference-count":41,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,9,1]],"date-time":"2026-09-01T00:00:00Z","timestamp":1788220800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,9,1]],"date-time":"2026-09-01T00:00:00Z","timestamp":1788220800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T00:00:00Z","timestamp":1776124800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001858","name":"Sweden's Innovation Agency","doi-asserted-by":"publisher","award":["2024\\u201301718"],"award-info":[{"award-number":["2024\\u201301718"]}],"id":[{"id":"10.13039\/501100001858","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Journal of Systems and Software"],"published-print":{"date-parts":[[2026,9]]},"DOI":"10.1016\/j.jss.2026.112896","type":"journal-article","created":{"date-parts":[[2026,4,15]],"date-time":"2026-04-15T07:13:20Z","timestamp":1776237200000},"page":"112896","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["SCENE: Guidelines for Security Chaos Engineering based on a systematic literature review"],"prefix":"10.1016","volume":"239","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5656-9253","authenticated-orcid":false,"given":"Rodi","family":"Jolak","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3446-1265","authenticated-orcid":false,"given":"Mazen","family":"Mohamad","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9672-2689","authenticated-orcid":false,"given":"Ramana Reddy","family":"Avula","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1442-0298","authenticated-orcid":false,"given":"Jason","family":"Meek","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-3879-4573","authenticated-orcid":false,"given":"Alexander","family":"\u00c5str\u00f6m","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/j.jss.2026.112896_b1","doi-asserted-by":"crossref","unstructured":"Bailey, T., Marchione, P., Swartz, P., Salih, R., Clark, M.R., Denz, R., 2022. Measuring Resiliency of System of Systems using Chaos Engineering Experiments. In: Proceedings of SPIE - the International Society for Optical Engineering.","DOI":"10.1117\/12.2632779"},{"key":"10.1016\/j.jss.2026.112896_b2","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1109\/MS.2016.60","article-title":"Chaos engineering","volume":"33","author":"Basiri","year":"2016","journal-title":"IEEE Softw."},{"key":"10.1016\/j.jss.2026.112896_b3","doi-asserted-by":"crossref","first-page":"3765","DOI":"10.1007\/s10207-024-00909-w","article-title":"Enhancing DevSecOps practice with Large Language Models and Security Chaos Engineering","volume":"23","author":"Bedoya","year":"2024","journal-title":"Int. J. Inf. Secur."},{"key":"10.1016\/j.jss.2026.112896_b4","doi-asserted-by":"crossref","unstructured":"Bedoya, M., Palacios, S., Diaz-L\u00f3pez, D., Nespoli, P., Laverde, E., Su\u00e1rez, S., 2023. Securing cloud-based military systems with Security Chaos Engineering and Artificial Intelligence. In: ACM International Conference Proceeding Series.","DOI":"10.1145\/3600160.3605076"},{"key":"10.1016\/j.jss.2026.112896_b5","doi-asserted-by":"crossref","unstructured":"Belyaeva, S., Yanovich, Y., 2023. Infrastructure Security Checking Service Based on Chaos Engineering Method. In: 2023 18th International Symposium on Problems of Redundancy in Information and Control Systems, REDUNDANCY 2023. pp. 100\u2013105.","DOI":"10.1109\/Redundancy59964.2023.10330188"},{"key":"10.1016\/j.jss.2026.112896_b6","series-title":"Transforming Qualitative Information: Thematic Analysis and Code Development","author":"Boyatzis","year":"1998"},{"key":"10.1016\/j.jss.2026.112896_b7","series-title":"Research Design: Qualitative, qUantitative, and Mixed Methods Approaches","author":"Creswell","year":"2017"},{"key":"10.1016\/j.jss.2026.112896_b8","doi-asserted-by":"crossref","first-page":"106172","DOI":"10.1109\/ACCESS.2023.3316028","article-title":"Enhancing Operational Resilience of Critical Infrastructure Processes Through Chaos Engineering","volume":"11","author":"Dedousis","year":"2023","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112896_b9","first-page":"199","article-title":"Continuous resilience testing in aws environments with advanced fault injection techniques","volume":"11","author":"Devi","year":"2023","journal-title":"Int. J. Inf. Technol. Comput. Eng."},{"key":"10.1016\/j.jss.2026.112896_b10","doi-asserted-by":"crossref","first-page":"1134","DOI":"10.1109\/TII.2023.3264101","article-title":"Chaos Engineering for Resilience Assessment of Digital Twins","author":"Fogli","year":"2024","journal-title":"IEEE Trans. Ind. Inform."},{"key":"10.1016\/j.jss.2026.112896_b11","first-page":"1","article-title":"Engineering of software-intensive systems: State of the art and research challenges","author":"H\u00f6lzl","year":"2008","journal-title":"Software-Intensive Syst. New Comput. Parad.: Challenges Visions"},{"key":"10.1016\/j.jss.2026.112896_b12","series-title":"ISO\/IEC\/IEEE 42010:2011(E). International Standard for Systems and Software Engineering \u2013 Architectural description","author":"International Organization for Standardization","year":"2011"},{"key":"10.1016\/j.jss.2026.112896_b13","series-title":"Guide To Advanced Empirical Software Engineering","first-page":"201","article-title":"Reporting experiments in software engineering","author":"Jedlitschka","year":"2008"},{"key":"10.1016\/j.jss.2026.112896_b14","series-title":"SCENE guidelines and live SLR for security chaos engineering","author":"Jolak","year":"2026"},{"key":"10.1016\/j.jss.2026.112896_b15","series-title":"Computational Science \u2013 ICCS 2024","first-page":"239","article-title":"\u03bc Chaos: Moving Chaos Engineering to IoT Devices","author":"Kalka","year":"2024"},{"key":"10.1016\/j.jss.2026.112896_b16","doi-asserted-by":"crossref","DOI":"10.1145\/3660788","article-title":"Beyond code generation: An observational study of chatgpt usage in software engineering practice","volume":"1","author":"Khojah","year":"2024","journal-title":"Proc. ACM Softw. Eng."},{"key":"10.1016\/j.jss.2026.112896_b17","doi-asserted-by":"crossref","first-page":"2381","DOI":"10.1109\/TSE.2025.3587794","article-title":"The impact of prompt programming on function-level code generation","volume":"51","author":"Khojah","year":"2025","journal-title":"IEEE Trans. Softw. Eng."},{"key":"10.1016\/j.jss.2026.112896_b18","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1007\/s10664-007-9053-5","article-title":"Evaluating guidelines for reporting empirical software engineering studies","volume":"13","author":"Kitchenham","year":"2008","journal-title":"Empir. Softw. Eng."},{"key":"10.1016\/j.jss.2026.112896_b19","series-title":"Guidelines for Performing Systematic Literature Reviews in Software Engineering","author":"Kitchenham","year":"2007"},{"key":"10.1016\/j.jss.2026.112896_b20","doi-asserted-by":"crossref","first-page":"159","DOI":"10.2307\/2529310","article-title":"The measurement of observer agreement for categorical data","author":"Landis","year":"1977","journal-title":"Biometrics"},{"key":"10.1016\/j.jss.2026.112896_b21","series-title":"Chaos engineering: New approaches to security","author":"Lewis","year":"2019"},{"key":"10.1016\/j.jss.2026.112896_b22","first-page":"1995","article-title":"Technology readiness levels","volume":"6","author":"Mankins","year":"1995","journal-title":"White Pap. April."},{"key":"10.1016\/j.jss.2026.112896_b23","series-title":"Leveraging large language models for cybersecurity risk assessment\u2013a case from forestry cyber-physical systems","author":"Mert G\u00fcltekin","year":"2025"},{"key":"10.1016\/j.jss.2026.112896_b24","doi-asserted-by":"crossref","DOI":"10.1016\/j.jss.2024.112082","article-title":"Managing security evidence in safety-critical organizations","volume":"214","author":"Mohamad","year":"2024","journal-title":"J. Syst. Softw."},{"key":"10.1016\/j.jss.2026.112896_b25","doi-asserted-by":"crossref","unstructured":"Naqvi, M.A., Malik, S., Astekin, M., Moonen, L., 2022. On Evaluating Self-Adaptive and Self-Healing Systems using Chaos Engineering. In: Proceedings - 2022 IEEE International Conference on Autonomic Computing and Self-Organizing Systems. pp. 1\u201310.","DOI":"10.1109\/ACSOS55765.2022.00018"},{"key":"10.1016\/j.jss.2026.112896_b26","series-title":"Chaos engineering: A multi-vocal literature review","author":"Owotogbe","year":"2024"},{"key":"10.1016\/j.jss.2026.112896_b27","article-title":"On the Way to Automatic Exploitation of Vulnerabilities and Validation of Systems Security through Security Chaos Engineering","volume":"7","author":"Palacios Chavarro","year":"2023","journal-title":"Big Data Cogn. Comput."},{"key":"10.1016\/j.jss.2026.112896_b28","doi-asserted-by":"crossref","unstructured":"Pierce, T., Schanck, J., Groeger, A., Salih, R., Clark, M.R., 2021. Chaos engineering experiments in middleware systems using targeted network degradation and automatic fault injection. In: Proceedings of SPIE - the International Society for Optical Engineering.","DOI":"10.1117\/12.2584986"},{"key":"10.1016\/j.jss.2026.112896_b29","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1080\/00224545.1982.9924431","article-title":"The construct validity of balanced likert scales","volume":"118","author":"Ray","year":"1982","journal-title":"J. Soc. Psychol."},{"key":"10.1016\/j.jss.2026.112896_b30","series-title":"Chaos Engineering","author":"Rosenthal","year":"2020"},{"key":"10.1016\/j.jss.2026.112896_b31","series-title":"Security Chaos Engineering","author":"Shortridge","year":"2023"},{"key":"10.1016\/j.jss.2026.112896_b32","doi-asserted-by":"crossref","first-page":"1171","DOI":"10.1109\/TSE.2002.1158289","article-title":"Ethical issues in empirical studies of software engineering","volume":"28","author":"Singer","year":"2003","journal-title":"IEEE Trans. Softw. Eng."},{"key":"10.1016\/j.jss.2026.112896_b33","series-title":"2024 9th International Conference on Fog and Mobile Edge Computing (FMEC)","first-page":"245","article-title":"Boosting Microservice Resilience: An Evaluation of Istio\u2019s Impact on Kubernetes Clusters Under Chaos","author":"Singh","year":"2024"},{"key":"10.1016\/j.jss.2026.112896_b34","doi-asserted-by":"crossref","unstructured":"Siwach, G., Haridas, A., Chinni, N., 2022. Evaluating operational readiness using chaos engineering simulations on Kubernetes architecture in Big Data. In: 2022 International Conference on Smart Applications, Communications and Networking, SmartNets 2022.","DOI":"10.1109\/SmartNets55823.2022.9993998"},{"key":"10.1016\/j.jss.2026.112896_b35","first-page":"101","article-title":"Automated Generation of Configurable Cloud-Native Chaos Testbeds","volume":"1462","author":"Soldani","year":"2021","journal-title":"Commun. Comput. Inf. Sci."},{"key":"10.1016\/j.jss.2026.112896_b36","first-page":"1446","article-title":"Research on software security testing","volume":"4","author":"Tian-yang","year":"2010","journal-title":"Int. J. Comput. Inf. Eng."},{"key":"10.1016\/j.jss.2026.112896_b37","doi-asserted-by":"crossref","first-page":"123044","DOI":"10.1109\/ACCESS.2020.3007338","article-title":"Cloudstrike: Chaos engineering for security and resiliency in cloud infrastructure","volume":"8","author":"Torkura","year":"2020","journal-title":"IEEE Access"},{"key":"10.1016\/j.jss.2026.112896_b38","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2020.102124","article-title":"Continuous auditing and threat detection in multi-cloud infrastructure","volume":"102","author":"Torkura","year":"2021","journal-title":"Comput. Secur."},{"key":"10.1016\/j.jss.2026.112896_b39","series-title":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","first-page":"1","article-title":"CSBAuditor: Proactive Security Risk Analysis for Cloud Storage Broker Systems","author":"Torkura","year":"2018"},{"key":"10.1016\/j.jss.2026.112896_b40","doi-asserted-by":"crossref","unstructured":"Wohlin, C., 2014. Guidelines for snowballing in systematic literature studies and a replication in software engineering. In: Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering. pp. 1\u201310.","DOI":"10.1145\/2601248.2601268"},{"key":"10.1016\/j.jss.2026.112896_b41","series-title":"2021 40th International Symposium on Reliable Distributed Systems (SRDS)","first-page":"46","article-title":"Chaos Duck: A Tool for Automatic IoT Software Fault-Tolerance Analysis","author":"Zavalyshyn","year":"2021"}],"container-title":["Journal of Systems and Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121226001299?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0164121226001299?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T02:48:44Z","timestamp":1778726924000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0164121226001299"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,9]]},"references-count":41,"alternative-id":["S0164121226001299"],"URL":"https:\/\/doi.org\/10.1016\/j.jss.2026.112896","relation":{},"ISSN":["0164-1212"],"issn-type":[{"value":"0164-1212","type":"print"}],"subject":[],"published":{"date-parts":[[2026,9]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"SCENE: Guidelines for Security Chaos Engineering based on a systematic literature review","name":"articletitle","label":"Article Title"},{"value":"Journal of Systems and Software","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.jss.2026.112896","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Authors. Published by Elsevier Inc.","name":"copyright","label":"Copyright"}],"article-number":"112896"}}