{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,11]],"date-time":"2025-11-11T15:42:24Z","timestamp":1762875744208,"version":"3.41.0"},"reference-count":21,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015,9]]},"DOI":"10.1109\/scam.2015.7335423","type":"proceedings-article","created":{"date-parts":[[2015,11,23]],"date-time":"2015-11-23T22:49:26Z","timestamp":1448318966000},"page":"259-264","source":"Crossref","is-referenced-by-count":2,"title":["Improving prioritization of software weaknesses using security models with AVUS"],"prefix":"10.1109","author":[{"given":"Stephan","family":"Renatus","sequence":"first","affiliation":[{"name":"Fraunhofer Institute for Applied and Integrated Security AISEC, Germany"}]},{"given":"Corrie","family":"Bartelheimer","sequence":"additional","affiliation":[{"name":"Fraunhofer Institute for Applied and Integrated Security AISEC, Germany"}]},{"given":"Jorn","family":"Eichler","sequence":"additional","affiliation":[{"name":"Fraunhofer Institute for Applied and Integrated Security AISEC, Germany"}]}],"member":"263","reference":[{"doi-asserted-by":"publisher","key":"ref10","DOI":"10.1109\/ICSE.2013.6606613"},{"year":"2013","author":"christey","article-title":"Introduction to CWRAF","key":"ref11"},{"year":"2014","author":"christey","article-title":"Common weakness scoring system (CWSS)","key":"ref12"},{"doi-asserted-by":"publisher","key":"ref13","DOI":"10.1109\/MSP.2012.3"},{"key":"ref14","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1145\/222132.222136","article-title":"Software reflexion models: Bridging the gap between source and high-level models","volume":"20","author":"murphy","year":"1995","journal-title":"ACM SIGSOFT Software Engineering Notes"},{"doi-asserted-by":"publisher","key":"ref15","DOI":"10.1109\/ESEM.2009.5314220"},{"year":"2007","author":"mell","article-title":"A complete guide to the common vulnerability scoring system version 2.0","key":"ref16"},{"year":"2011","author":"cox","article-title":"Xv6, a simple Unix-like teaching operating system","key":"ref17"},{"year":"2003","author":"jones","journal-title":"Haskell 98 Language and Libraries The Revised Report","key":"ref18"},{"doi-asserted-by":"publisher","key":"ref19","DOI":"10.1145\/1291201.1291218"},{"doi-asserted-by":"publisher","key":"ref4","DOI":"10.1109\/ESEM.2009.5314230"},{"doi-asserted-by":"publisher","key":"ref3","DOI":"10.1016\/j.cose.2015.04.012"},{"doi-asserted-by":"publisher","key":"ref6","DOI":"10.1145\/1315245.1315311"},{"doi-asserted-by":"publisher","key":"ref5","DOI":"10.1109\/NTMS.2011.5720656"},{"key":"ref8","doi-asserted-by":"crossref","first-page":"963","DOI":"10.1145\/1297846.1297964","article-title":"Understanding the value of program analysis tools","author":"jaspan","year":"2007","journal-title":"Companion to Object-oriented Programming Systems and Applications (OOPSLA 2007)"},{"doi-asserted-by":"publisher","key":"ref7","DOI":"10.1145\/586139.586142"},{"key":"ref2","first-page":"83","article-title":"Manual vs. automated vulnerability assessment: A case study","author":"kupsch","year":"2009","journal-title":"Managing Insider Security Threats (MIST 2009)"},{"doi-asserted-by":"publisher","key":"ref1","DOI":"10.1145\/1041685.1029911"},{"doi-asserted-by":"publisher","key":"ref9","DOI":"10.1109\/ICSE.2015.76"},{"doi-asserted-by":"publisher","key":"ref20","DOI":"10.1109\/PASSAT\/SocialCom.2011.121"},{"key":"ref21","first-page":"1","article-title":"Towards enabling architectural refactorings through source code annotations","volume":"p 82","author":"krahn","year":"2006","journal-title":"Modellierung 2006"}],"event":{"name":"2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)","start":{"date-parts":[[2015,9,27]]},"location":"Bremen, Germany","end":{"date-parts":[[2015,9,28]]}},"container-title":["2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7321933\/7335391\/07335423.pdf?arnumber=7335423","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T13:54:19Z","timestamp":1748699659000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/7335423\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,9]]},"references-count":21,"URL":"https:\/\/doi.org\/10.1109\/scam.2015.7335423","relation":{},"subject":[],"published":{"date-parts":[[2015,9]]}}}