{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:35:04Z","timestamp":1750307704258,"version":"3.41.0"},"reference-count":26,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2009,6,25]],"date-time":"2009-06-25T00:00:00Z","timestamp":1245888000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGCSE Bull."],"published-print":{"date-parts":[[2009,6,25]]},"abstract":"<jats:p>Considerable reliance and trust is placed on software performing as expected, even when subjected to malicious treatment. Arguably, the most significant consequences to both the software vendor and the user result from security vulnerabilities being present within released code. To fully appreciate and test for these types of issues knowledge outside of \"general\" software testing techniques is typically required. As such, we were keen to establish whether there was a relationship between the reported, general lack of security testing, and what is currently being taught at the undergraduate level.<\/jats:p>","DOI":"10.1145\/1595453.1595484","type":"journal-article","created":{"date-parts":[[2009,8,24]],"date-time":"2009-08-24T14:08:31Z","timestamp":1251122911000},"page":"99-102","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Security testing"],"prefix":"10.1145","volume":"41","author":[{"given":"Matthew Nicolas","family":"Kreeger","sequence":"first","affiliation":[{"name":"nCipher Corporation, Cambridge, England, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2009,6,25]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2007.96"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/525080.884272"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2005.45"},{"key":"e_1_2_1_4_1","unstructured":"CVE\n\n  \n   Editorial Board. CVE: Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/ 2008.  CVE Editorial Board. CVE: Common vulnerabilities and exposures. http:\/\/cve.mitre.org\/ 2008."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/336512.336559"},{"key":"e_1_2_1_6_1","first-page":"47","volume-title":"CISSE: Proceedings of the 12th Colloquium for Information Systems Security Education","author":"Frazier A.","year":"2008"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/331795.331848"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/359369.359392"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/1253531.1254695"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1113847.1113876"},{"issue":"5","key":"e_1_2_1_11_1","first-page":"163","article-title":"Testing across the curriculum: square one! Journal of Computing Sciences","volume":"19","author":"Leska C.","year":"2004","journal-title":"Colleges"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.755011"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1281254"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1076\/csed.8.2.85.3819"},{"key":"e_1_2_1_15_1","unstructured":"NIST. The economic impacts of inadequate infrastructure for software testing. http:\/\/www.nist. gov\/director\/prog-ofc\/report02-3.pdf 2002.  NIST. The economic impacts of inadequate infrastructure for software testing. http:\/\/www.nist. gov\/director\/prog-ofc\/report02-3.pdf 2002."},{"key":"e_1_2_1_16_1","unstructured":"NIST. National vulnerability database version 2.2. http:\/\/nvd.nist.gov\/ 2008.  NIST. National vulnerability database version 2.2. http:\/\/nvd.nist.gov\/ 2008."},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.84"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2008.89"},{"key":"e_1_2_1_19_1","unstructured":"SANS Institute. SANS top-20 2007 security risks. http:\/\/www.sans.org\/top20\/ 2007.  SANS Institute. SANS top-20 2007 security risks. http:\/\/www.sans.org\/top20\/ 2007."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.28945\/295"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1352322.1352246"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70712"},{"key":"e_1_2_1_23_1","unstructured":"J. Walden. CSC 666-secure software engineering. http:\/\/kosh.nku.edu\/~waldenj\/classes\/2009\/ spring\/csc666\/csc666syl.pdf 2009.  J. Walden. CSC 666-secure software engineering. http:\/\/kosh.nku.edu\/~waldenj\/classes\/2009\/ spring\/csc666\/csc666syl.pdf 2009."},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1231047.1231052"},{"key":"e_1_2_1_25_1","first-page":"F1C","volume-title":"FIE'04: Proceedings of the Frontiers in Education Conference","author":"Wang J.A.","year":"2004"},{"key":"e_1_2_1_26_1","first-page":"124","volume-title":"CISSE: Proceedings of the 10th Colloquium for Information Systems Security Education","author":"Yau S.S.","year":"2006"}],"container-title":["ACM SIGCSE Bulletin"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1595453.1595484","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1595453.1595484","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:30:04Z","timestamp":1750253404000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1595453.1595484"}},"subtitle":["mind the knowledge gap"],"short-title":[],"issued":{"date-parts":[[2009,6,25]]},"references-count":26,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2009,6,25]]}},"alternative-id":["10.1145\/1595453.1595484"],"URL":"https:\/\/doi.org\/10.1145\/1595453.1595484","relation":{},"ISSN":["0097-8418"],"issn-type":[{"type":"print","value":"0097-8418"}],"subject":[],"published":{"date-parts":[[2009,6,25]]},"assertion":[{"value":"2009-06-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}