{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,20]],"date-time":"2025-11-20T18:25:46Z","timestamp":1763663146333,"version":"3.28.0"},"reference-count":47,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,11]]},"DOI":"10.1109\/ase.2013.6693092","type":"proceedings-article","created":{"date-parts":[[2014,1,6]],"date-time":"2014-01-06T12:07:25Z","timestamp":1389010045000},"page":"334-344","source":"Crossref","is-referenced-by-count":12,"title":["Finding architectural flaws using constraints"],"prefix":"10.1109","author":[{"given":"Radu","family":"Vanciu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marwan","family":"Abi-Antoun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"19","doi-asserted-by":"publisher","DOI":"10.1109\/CSMR.2013.24"},{"key":"35","first-page":"70","article-title":"Idea: Towards architecture-centric security analysis of software","author":"sohr","year":"2010","journal-title":"ESSoS"},{"journal-title":"Mobile Application Security on Android","year":"2009","author":"burns","key":"17"},{"key":"36","first-page":"71","article-title":"Bauhaus - A tool suite for program analysis and reverse engineering","volume":"4006","author":"raza","year":"2006","journal-title":"Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"journal-title":"Android API Guides","year":"2012","key":"18"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451148"},{"journal-title":"Scoria Evaluation Online Appendix","year":"2013","author":"vanciu","key":"15"},{"journal-title":"The Common Weakness Enumeration (CWE) Initiative","year":"2012","key":"34"},{"journal-title":"Java Platform Standard Edition 6 API Specification","year":"2012","key":"16"},{"key":"39","doi-asserted-by":"publisher","DOI":"10.1145\/2351676.2351691"},{"key":"13","first-page":"426","article-title":"SecureUML: A UML-based modeling language for model-driven security","author":"lodderstedt","year":"2002","journal-title":"UML Modelling Languages and Applications"},{"journal-title":"Automatic Distribution of Object-Oriented Programs","year":"2002","author":"spiegel","key":"14"},{"journal-title":"Object Constraint Language","year":"2013","key":"37"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1145\/581364.581365"},{"key":"38","doi-asserted-by":"publisher","DOI":"10.1109\/32.917525"},{"key":"12","first-page":"365","article-title":"Automated verification of UMLsec models for security requirements","volume":"3273","author":"jurjens","year":"2004","journal-title":"Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/32.908960"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1145\/1044834.1044835"},{"key":"43","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542486"},{"key":"42","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"41","doi-asserted-by":"publisher","DOI":"10.1016\/S0164-1212(02)00087-0"},{"key":"40","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606612"},{"key":"45","doi-asserted-by":"crossref","first-page":"210","DOI":"10.1007\/978-3-642-37057-1_15","article-title":"ANDROMEDA: Accurate and scalable security analysis of web applications","author":"tripp","year":"2013","journal-title":"Conference on Fundamental Approaches to Software Engineering (FASE)"},{"key":"44","article-title":"Highly precise taint analysis for android applications","author":"fritz","year":"2013","journal-title":"EC SPRIDE TU Darmstadt Tech Rep"},{"key":"47","first-page":"365","article-title":"Finding application errors and security flaws using PQL: A program query language","author":"martin","year":"2005","journal-title":"Proc 4th Object Oriented Programming Systems Languages and Applications Conf (OOPSLA)"},{"journal-title":"Analyzing A Heap Dump Using Object Query Language (OQL)","year":"2013","key":"46"},{"key":"22","article-title":"The soot framework for java program analysis: A retrospective","author":"lam","year":"2011","journal-title":"Cetus Users and Compiler Infrastructure Workshop (CETUS 2011)"},{"journal-title":"T J Watson Libraries for Analysis (WALA)","year":"2012","key":"23"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1145\/2351676.2351722"},{"key":"25","first-page":"21","article-title":"A study of android application security","author":"enck","year":"2011","journal-title":"USENIX Conference on Security"},{"key":"26","article-title":"SCanDroid: Automated security certification of android applications","author":"fuchs","year":"2009","journal-title":"Univ of Maryland Tech Rep"},{"key":"27","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"28","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.111"},{"key":"29","first-page":"173","article-title":"Fine-grained access control with object-sensitive roles","author":"fischer","year":"2009","journal-title":"European Conference on Object-Oriented Programming (ECOOP)"},{"journal-title":"Threat Modeling","year":"2004","author":"swiderski","key":"3"},{"journal-title":"FindBugs Find Bugs in Java Programs","year":"2007","key":"2"},{"journal-title":"Writing Secure Code","year":"2003","author":"howard","key":"10"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2006.43"},{"key":"30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cl.2008.05.006"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/WCRE.2012.36"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.1145\/1640089.1640113"},{"key":"32","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2012.69"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1109\/CSMR.2013.37"},{"key":"31","first-page":"77","article-title":"Making sense of large heaps","author":"mitchell","year":"2009","journal-title":"European Conference on Object-Oriented Programming (ECOOP)"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1145\/1858996.1859001"},{"journal-title":"The CERT Oracle Secure Coding Standard for Java","year":"2011","author":"long","key":"9"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2005.119"}],"event":{"name":"2013 IEEE\/ACM 28th International Conference on Automated Software Engineering (ASE)","start":{"date-parts":[[2013,11,11]]},"location":"Silicon Valley, CA, USA","end":{"date-parts":[[2013,11,15]]}},"container-title":["2013 28th IEEE\/ACM International Conference on Automated Software Engineering (ASE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6684409\/6693054\/06693092.pdf?arnumber=6693092","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,5]],"date-time":"2019-08-05T18:22:05Z","timestamp":1565029325000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6693092\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,11]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/ase.2013.6693092","relation":{},"subject":[],"published":{"date-parts":[[2013,11]]}}}