{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T04:35:11Z","timestamp":1771043711290,"version":"3.50.1"},"reference-count":35,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"5","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCF-1350487"],"award-info":[{"award-number":["CCF-1350487"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Ohio Cyber Range"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2022,5,1]]},"DOI":"10.1109\/tse.2020.3030745","type":"journal-article","created":{"date-parts":[[2020,10,13]],"date-time":"2020-10-13T19:46:16Z","timestamp":1602618376000},"page":"1665-1675","source":"Crossref","is-referenced-by-count":41,"title":["Detecting Software Security Vulnerabilities Via Requirements Dependency Analysis"],"prefix":"10.1109","volume":"48","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3444-9004","authenticated-orcid":false,"given":"Wentao","family":"Wang","sequence":"first","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Cincinnati, Cincinnati, OH, USA"}]},{"given":"Faryn","family":"Dumont","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Cincinnati, Cincinnati, OH, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5566-2368","authenticated-orcid":false,"given":"Nan","family":"Niu","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Cincinnati, Cincinnati, OH, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9741-3212","authenticated-orcid":false,"given":"Glen","family":"Horton","sequence":"additional","affiliation":[{"name":"University of Cincinnati Libraries, University of Cincinnati, Cincinnati, OH, USA"}]}],"member":"263","reference":[{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950354"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.2307\/3001968"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2018.1661332"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2016.2637166"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.55"},{"key":"ref34","first-page":"34","article-title":"A linear classifier based approach for identifying security requirements in open source software development","volume":"14","author":"wang","year":"2018","journal-title":"J Ind Inf Integr"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2009.91"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/857076.857079"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/ISRE.2001.948547"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TCSS.2018.2872059"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2593882.2593891"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICRE.2003.1232745"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2006.3"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/1806799.1806825"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2016.2622264"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2014.32"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1017\/S0269888903000638"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1368088.1368112"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/RE.2006.65"},{"key":"ref3","article-title":"Facebook security breach exposes accounts of 50 million users","author":"isaac","year":"2018"},{"key":"ref6","first-page":"4","article-title":"Predicting vulnerable software components via text mining","volume":"32","author":"scandariato","year":"2006","journal-title":"IEEE Trans Softw Eng"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/SST.2015.10"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.81"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2483760.2483776"},{"key":"ref7","first-page":"199","article-title":"Automatic creation of SQL injection and cross-site scripting attacks","author":"kiezun","year":"2009","journal-title":"Proc Int Conf Softw Eng"},{"key":"ref2","article-title":"Worst day for eBAY, multiple flaws leave milliions of users vulnerable to hackers","author":"kumar","year":"2014"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606610"},{"key":"ref1","article-title":"CVSS severity distribution over time","year":"2020"},{"key":"ref20","article-title":"OWASP Zed Attack Proxy (ZAP)","year":"2020"},{"key":"ref22","article-title":"XSS filter evasion cheat sheet","year":"2020"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/1135777.1135817"},{"key":"ref24","article-title":"Minimum security requirements for federal information and information systems","author":"ross","year":"0"},{"key":"ref23","first-page":"190","article-title":"Evaluating automated support for requirements similarity analysis in market-driven development","author":"nattoch dag","year":"2001","journal-title":"Proc Int Work Conf Requirements Eng Found Softw Quality"},{"key":"ref26","article-title":"Artifacts of &#x2018;detecting software vulnerabilities via requirements dependency analysis&#x2019;","author":"wang","year":"2020"},{"key":"ref25","article-title":"Protecting student privacy while using online educational services: Requirements and best practices US Department of Education","year":"2014"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/32\/9775544\/9222252-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/32\/9775544\/09222252.pdf?arnumber=9222252","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,6]],"date-time":"2022-12-06T22:51:57Z","timestamp":1670367117000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9222252\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,1]]},"references-count":35,"journal-issue":{"issue":"5"},"URL":"https:\/\/doi.org\/10.1109\/tse.2020.3030745","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"value":"0098-5589","type":"print"},{"value":"1939-3520","type":"electronic"},{"value":"2326-3881","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,1]]}}}