{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T15:54:41Z","timestamp":1770566081967,"version":"3.49.0"},"reference-count":41,"publisher":"IEEE","license":[{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2019,9,1]],"date-time":"2019-09-01T00:00:00Z","timestamp":1567296000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,9]]},"DOI":"10.1109\/esem.2019.8870153","type":"proceedings-article","created":{"date-parts":[[2019,10,17]],"date-time":"2019-10-17T19:16:25Z","timestamp":1571339785000},"page":"1-12","source":"Crossref","is-referenced-by-count":11,"title":["The Impact of Software Security Practices on Development Effort: An Initial Survey"],"prefix":"10.1109","author":[{"given":"Elaine","family":"Venson","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Reem","family":"Alfayez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marilia M. F.","family":"Gomes","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rejane M. C.","family":"Figueiredo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Barry","family":"Boehm","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1186\/s40411-015-0023-0"},{"key":"ref38","article-title":"Fundamental Practices for Secure Software Development","author":"rice","year":"2018","journal-title":"Software Assurance Forum for Excellence in Code (SAFECode) White Paper Third Edition"},{"key":"ref33","year":"0","journal-title":"CLASP Concepts - OWASP"},{"key":"ref32","year":"2012","journal-title":"Microsoft Security Development Lifecycle (SDL) Process Guidance - Version 5 2"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3055305.3055312"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41488-6_10"},{"key":"ref37","article-title":"An Empirically Evaluated Checklist for Surveys in Software Engineering","author":"mollri","year":"2019","journal-title":"arXiv 1901 09850 [cs]"},{"key":"ref36","author":"de mello","year":"2016","journal-title":"Conceptual framework for supporting the identification of representative samples for surveys in software engineering"},{"key":"ref35","year":"2018","journal-title":"Fundamental Practices for Secure Software Development Essential Elements of a Secure Development Lifecycle Program"},{"key":"ref34","year":"0","journal-title":"Software Security Economics Theory in Practice | Springer-Link"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1080\/19393550802623206"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1109\/CESI.2017.5"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2413038.2413041"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3011883.3011884"},{"key":"ref13","first-page":"18","article-title":"The Impact of Security by Design on the Success of Open Source Software","author":"chehrazi","year":"2016","journal-title":"Proceeding of ECIS 2016"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2007.56"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2015.03.041"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2010.159"},{"key":"ref17","author":"boehm","year":"2009","journal-title":"Software Cost Estimation with COCOMO II"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36465-X_17"},{"key":"ref19","first-page":"9","article-title":"Cost Estimation for Secure Software & Systems","author":"colbert","year":"2008","journal-title":"ISPA\/SCEA 2008 Joint International Conference"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23318-5_6"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2014.366"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/s41019-016-0019-8"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/SC2.2017.23"},{"key":"ref6","author":"mcgraw","year":"2006","journal-title":"Software Security Building Security In"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30806-7_12"},{"key":"ref5","article-title":"High-Level Cybersecurity Meeting Warns of Dire Effects of Cyberattacks on Prosperity, Innovation and Global Collaboration","author":"schmitt","year":"2018","journal-title":"World Economic Forum"},{"key":"ref8","first-page":"14","author":"heitzenrater","year":"2016","journal-title":"The Days Before Zero Day Investment Models for Secure Software Engineering"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2016.020"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2018.1661316"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1117\/12.2015465"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1080\/01402390.2012.742013"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-012-9220-1"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-31811-0_10"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ITSIM.2010.5561460"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2016.45"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/2652524.2652566"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/BIFE.2012.149"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2015.45"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/WBMA.2015.9"}],"event":{"name":"2019 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)","location":"Porto de Galinhas, Recife, Brazil","start":{"date-parts":[[2019,9,19]]},"end":{"date-parts":[[2019,9,20]]}},"container-title":["2019 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8864031\/8870138\/08870153.pdf?arnumber=8870153","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,7,17]],"date-time":"2022-07-17T17:54:48Z","timestamp":1658080488000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8870153\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,9]]},"references-count":41,"URL":"https:\/\/doi.org\/10.1109\/esem.2019.8870153","relation":{},"subject":[],"published":{"date-parts":[[2019,9]]}}}