{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,23]],"date-time":"2026-06-23T13:29:46Z","timestamp":1782221386038,"version":"3.54.5"},"reference-count":25,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2002]]},"DOI":"10.1109\/icsm.2002.1167766","type":"proceedings-article","created":{"date-parts":[[2003,6,26]],"date-time":"2003-06-26T01:03:42Z","timestamp":1056589422000},"page":"194-203","source":"Crossref","is-referenced-by-count":20,"title":["Maintaining software with a security perspective"],"prefix":"10.1109","author":[{"given":"K.","family":"Jiwnani","sequence":"first","affiliation":[{"name":"Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"M.","family":"Zelkowitz","sequence":"additional","affiliation":[{"name":"Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380200205"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/SP.1986.10021"},{"key":"ref12","article-title":"Software Testing Techniques","author":"beizer","year":"1990"},{"key":"ref13","article-title":"Protection Analysis Project Final Report","author":"bisbey","year":"1978"},{"key":"ref14","article-title":"Security Analysis and Enhancements of Computer Operating Systems","author":"abbott","year":"1976","journal-title":"Report NBSIR 76&#x2013;1041"},{"key":"ref15","first-page":"34","article-title":"Common System Vulnerabilities","author":"spafford","year":"1992","journal-title":"Proc Workshop Future Directions in Computer Misuse and Anomaly Detection"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/185403.185412"},{"key":"ref17","article-title":"A taxonomy of Security Faults in the Unix Operating System","author":"aslam","year":"1995"},{"key":"ref18","article-title":"Use of a taxonomy of Security Faults","author":"aslam","year":"1996","journal-title":"Technical Report TR 96&#x2013;050"},{"key":"ref19","article-title":"A Taxonomy of UNIX System and Network Vulnerabilities","author":"bishop","year":"1995","journal-title":"Technical Report CS-95&#x2013;19"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1499949.1500018"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(89)90054-0"},{"key":"ref6","article-title":"Vulnerability Analysis of Software through Syntax Testing","author":"kaksonen","year":"2000","journal-title":"Technical Research Centre of Finland"},{"key":"ref5","article-title":"The Design of A Secure Operating System","author":"mccauley","year":"1979","journal-title":"National Computer Conference"},{"key":"ref8","article-title":"Software Fault Injection: Incoculating Programs Against Errors","author":"voas","year":"1998"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/263244.263267"},{"key":"ref2","article-title":"Broadening the Scope of Penetration Testing Techniques","author":"ron","year":"1999"},{"key":"ref9","first-page":"98","article-title":"Vulnerability Testing of Software System Using Fault Injection","author":"du","year":"1998"},{"key":"ref1","article-title":"Microsoft Secrets: How the World's Most Powerful Software Company Creates Technology, Shapes Markets, and Manages People","author":"cusumano","year":"1995"},{"key":"ref20","article-title":"Categorization of Software Errors that led to Security Breaches","author":"du","year":"1998","journal-title":"21st National Information Systems Security Conference (NISSC'98)"},{"key":"ref22","article-title":"A survey of software fault surveys","author":"marick","year":"1990","journal-title":"Technical Report UIUCDCS-R-90&#x2013;1651"},{"key":"ref21","article-title":"A grammar based fault classification scheme and its application to the classification of the errors of TEX","author":"demillo","year":"1995","journal-title":"Technical Report SERC-TR-165-P"},{"key":"ref24","article-title":"Orthogonal Defect Classification - A Concept for In-Process Measurements","volume":"18","author":"ram","year":"1992","journal-title":"IEEE Transactions on Software Engineering"},{"key":"ref23","article-title":"ODC for Process Measurement, Analysis and Control","author":"chillarege","year":"1994","journal-title":"Proc of the Fourth International Conference on Software Quality ASQC Software Division"},{"key":"ref25","article-title":"A Comparison of the Security of Windows NT and UNIX","author":"hedbom","year":"1998","journal-title":"Nordic Workshop on Secure IT-Systems"}],"event":{"name":"Proceedings International Conference on Software Maintenance","location":"Montreal, QC, Canada","start":{"date-parts":[[2002,10,3]]},"end":{"date-parts":[[2002,10,6]]}},"container-title":["International Conference on Software Maintenance, 2002. Proceedings."],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/8357\/26332\/01167766.pdf?arnumber=1167766","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,6,9]],"date-time":"2021-06-09T00:52:21Z","timestamp":1623199941000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/1167766\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2002]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/icsm.2002.1167766","relation":{},"subject":[],"published":{"date-parts":[[2002]]}}}