{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,24]],"date-time":"2025-10-24T20:59:21Z","timestamp":1761339561237,"version":"3.28.0"},"reference-count":22,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,8,24]]},"DOI":"10.1109\/empire.2015.7431304","type":"proceedings-article","created":{"date-parts":[[2016,3,14]],"date-time":"2016-03-14T20:24:32Z","timestamp":1457987072000},"page":"25-32","source":"Crossref","is-referenced-by-count":3,"title":["Which security catalogue is better for novices?"],"prefix":"10.1109","author":[{"given":"Katsiaryna","family":"Labunets","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Federica","family":"Paci","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabio","family":"Massacci","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13094-6_14"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2013.10.004"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2013.29"},{"key":"ref13","first-page":"1327","article-title":"The method evaluation model: a theoretical model for validating information systems design methods","author":"moody","year":"2003","journal-title":"Proc of ECIS &#x2018;03"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-75563-0_29"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.49"},{"journal-title":"Experiment page","year":"0","key":"ref16"},{"journal-title":"ATM Security Risk Assessment Methodology SESAR WP 16 2 ATM Security","article-title":"SESAR","year":"2003","key":"ref17"},{"journal-title":"The IT-Grundschutz-Catalogues","year":"2005","key":"ref18"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.2307\/249008"},{"key":"ref4","article-title":"Enterprise security architecture; a business-driven approach","author":"sherwood","year":"2005","journal-title":"Backbeat Books"},{"key":"ref3","first-page":"68","article-title":"Threat modeling-uncover security design flaws using the stride approach","author":"hernan","year":"2006","journal-title":"MSDN Magazine-Louisville"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2008.05.013"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-16101-3_7"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31072-0_26"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34210-3_7"},{"key":"ref2","first-page":"800","article-title":"Risk management guide for information technology systems","volume":"800","author":"stoneburner","year":"2002","journal-title":"NIST Special Publication"},{"journal-title":"Tech Rep","article-title":"ISO\/IEC 27005, Information technology Security techniques-Information security risk management","year":"2011","key":"ref1"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-87875-9_50"},{"key":"ref20","article-title":"R Package &#x2018;compute.es&#x2019;","author":"re","year":"2014","journal-title":"Compute Effect Sizes"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29044-2"},{"journal-title":"R Package samplesize&#x2019; &#x2018; Sample size calculation for various t-Tests and Wilcoxon-Test","year":"2012","author":"scherer","key":"ref21"}],"event":{"name":"2015 IEEE Fifth International Workshop on Empirical Requirements Engineering (EmpiRE)","start":{"date-parts":[[2015,8,24]]},"location":"Ottawa, ON, Canada","end":{"date-parts":[[2015,8,24]]}},"container-title":["2015 IEEE Fifth International Workshop on Empirical Requirements Engineering (EmpiRE)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7430398\/7431294\/07431304.pdf?arnumber=7431304","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,21]],"date-time":"2017-03-21T11:08:29Z","timestamp":1490094509000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7431304\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,8,24]]},"references-count":22,"URL":"https:\/\/doi.org\/10.1109\/empire.2015.7431304","relation":{},"subject":[],"published":{"date-parts":[[2015,8,24]]}}}