{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T01:57:51Z","timestamp":1778032671144,"version":"3.51.4"},"reference-count":84,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"10","license":[{"start":{"date-parts":[[2023,10,1]],"date-time":"2023-10-01T00:00:00Z","timestamp":1696118400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2023,10,1]],"date-time":"2023-10-01T00:00:00Z","timestamp":1696118400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,10,1]],"date-time":"2023-10-01T00:00:00Z","timestamp":1696118400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IIEEE Trans. Software Eng."],"published-print":{"date-parts":[[2023,10,1]]},"DOI":"10.1109\/tse.2023.3301660","type":"journal-article","created":{"date-parts":[[2023,8,21]],"date-time":"2023-08-21T13:50:58Z","timestamp":1692625858000},"page":"4510-4525","source":"Crossref","is-referenced-by-count":4,"title":["Runtime Verification of Crypto APIs: An Empirical Study"],"prefix":"10.1109","volume":"49","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3754-029X","authenticated-orcid":false,"given":"Adriano","family":"Torres","sequence":"first","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8385-8314","authenticated-orcid":false,"given":"Pedro","family":"Costa","sequence":"additional","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1236-3119","authenticated-orcid":false,"given":"Luis","family":"Amaral","sequence":"additional","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-5328-9011","authenticated-orcid":false,"given":"Jonata","family":"Pastro","sequence":"additional","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2380-2829","authenticated-orcid":false,"given":"Rodrigo","family":"Bonif\u00e1cio","sequence":"additional","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1323-8769","authenticated-orcid":false,"given":"Marcelo","family":"d'Amorim","sequence":"additional","affiliation":[{"name":"Department of Computer Science, North Carolina State University, Raleigh, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5631-4816","authenticated-orcid":false,"given":"Owolabi","family":"Legunsen","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Cornell University, Ithaca, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3470-3647","authenticated-orcid":false,"given":"Eric","family":"Bodden","sequence":"additional","affiliation":[{"name":"Paderborn University and the Fraunhofer Institute for Mechatronic Systems Design, Paderborn, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2159-339X","authenticated-orcid":false,"given":"Edna","family":"Dias Canedo","sequence":"additional","affiliation":[{"name":"Computer Science Department, University of Brasília, Brasília, Brazil"}]}],"member":"263","reference":[{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/ICST46399.2020.00038"},{"key":"ref57","first-page":"735","article-title":"Testing configuration changes in context to prevent production failures","author":"sun","year":"2020","journal-title":"Proc 14th USENIX Symp Oper Syst Des Implementation (OSDI 20)"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/s10515-019-00267-1"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11164-3_24"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11164-3_24"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-20883-7_2"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884782"},{"key":"ref58","article-title":"ACM publications policy on research involving human participants and subjects","year":"2002"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594299"},{"key":"ref52","article-title":"Use of hard-coded credentials","year":"2022"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970356"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693067"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2015.206"},{"key":"ref54","article-title":"Scalable parametric runtime monitoring","author":"jin","year":"2012"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/ICST49551.2021.00020"},{"key":"ref16","article-title":"Towards categorizing and formalizing the JDK API","author":"lee","year":"2012"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2393596.2393598"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2012.63"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387482"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME46990.2020.00037"},{"key":"ref46","article-title":"CrySL repository","year":"2022"},{"key":"ref45","article-title":"JaCoCo Code Coverage","year":"2022"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2016.40"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/3382494.3422166"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3150302"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/ICSENG.2018.8638176"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.ress.2019.03.031"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-72013-1_24"},{"key":"ref49","first-page":"433","article-title":"DeFlaker: Automatically detecting flaky tests","author":"bell","year":"0","journal-title":"Proc IEEE\/ACM 40th Int Conf Softw Eng (ICSE)"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516693"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345659"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2019.00037"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.52"},{"key":"ref3","article-title":"Cryptographic mechanisms: Recommendations and key lengths","year":"2022"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2948910"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.31"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2018.8330231"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2021.111092"},{"key":"ref40","first-page":"242","article-title":"Security analysis of the OWASP benchmark with Julia","volume":"1816","author":"ferrara","year":"2017","journal-title":"Proc 1st Italian Conf Cybersecurity (ITASEC)"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2017.8115707"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884782"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1007\/s10703-017-0274-y"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2009.50"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2906161"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00768-2_23"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1145\/3105761"},{"key":"ref37","article-title":"Juliet test suite for Java (User Guide)","year":"2012"},{"key":"ref36","article-title":"Apache QPID Broker-J","year":"2022"},{"key":"ref31","article-title":"CogniCrypt – The secure integration of cryptographic software","author":"kr\u00fcger","year":"2022"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-30446-1_17"},{"key":"ref30","year":"2022","journal-title":"Java Cryptography Architecture (JCA) Reference Guide"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11164-3_20"},{"key":"ref33","article-title":"JavaMOP","year":"2022"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2016.49"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227231"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/SIES.2016.7509425"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-131Ar2"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884790"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3524610.3527895"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2019.00017"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23820-3_24"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-28891-3_18"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1109\/MASS.2015.15"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2016.2614599"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833582"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243783"},{"key":"ref23","article-title":"Missing cryptographic step","year":"2022"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11698-3_27"},{"key":"ref26","article-title":"Juliet benchmark","year":"2017"},{"key":"ref25","article-title":"OWASP benchmark","year":"2022"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-35632-2_11"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2948910"},{"key":"ref64","article-title":"Visualcodegrepper","year":"2022"},{"key":"ref63","article-title":"SonarQube","year":"2022"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00010"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30303-1_20"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3154717"},{"key":"ref65","first-page":"1","article-title":"SMV-hunter: Large scale, automated detection of SSL\/TLS man-in-the-middle vulnerabilities in android apps","author":"greenwood","year":"0","journal-title":"Proc Netw Distrib Syst Secur Symp (NDSS) Internet Soc"},{"key":"ref28","author":"ferguson","year":"2010","journal-title":"Cryptography Engineering Design Principles and Practical Applications"},{"key":"ref27","author":"hook","year":"2005","journal-title":"Beginning Cryptography with Java"},{"key":"ref29","article-title":"Use of a broken or risky cryptographic algorithm","year":"2022"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2015.12.021"},{"key":"ref62","article-title":"Xanitizer","year":"2022"},{"key":"ref61","article-title":"Find security bugs","author":"arteau","year":"2022"}],"container-title":["IEEE Transactions on Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/32\/10286436\/10225251.pdf?arnumber=10225251","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T05:47:54Z","timestamp":1769492874000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10225251\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,1]]},"references-count":84,"journal-issue":{"issue":"10"},"URL":"https:\/\/doi.org\/10.1109\/tse.2023.3301660","relation":{},"ISSN":["0098-5589","1939-3520","2326-3881"],"issn-type":[{"value":"0098-5589","type":"print"},{"value":"1939-3520","type":"electronic"},{"value":"2326-3881","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,1]]}}}