{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T04:56:23Z","timestamp":1755838583731,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,4,4]],"date-time":"2017-04-04T00:00:00Z","timestamp":1491264000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,4,4]]},"DOI":"10.1145\/3055305.3055312","type":"proceedings-article","created":{"date-parts":[[2017,3,28]],"date-time":"2017-03-28T17:42:08Z","timestamp":1490722928000},"page":"85-94","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["Surveying Security Practice Adherence in Software Development"],"prefix":"10.1145","author":[{"given":"Patrick","family":"Morrison","sequence":"first","affiliation":[{"name":"Department of Computer Science, North Carolina State University, Raleigh, North Carolina"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Benjamin H.","family":"Smith","sequence":"additional","affiliation":[{"name":"Emerging Technology Institute IBM, Inc., Research Triangle Park, NC"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Laurie","family":"Williams","sequence":"additional","affiliation":[{"name":"Department of Computer Science, North Carolina State University, Raleigh, North Carolina"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,4,4]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41488-6_10"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1987875.1987900"},{"key":"e_1_3_2_1_3_1","volume-title":"A technology acceptance model for empirically testing new end-user information systems: Theory and results","author":"Davis F.","year":"1986","unstructured":"F. Davis . A technology acceptance model for empirically testing new end-user information systems: Theory and results , 1986 . F. Davis. A technology acceptance model for empirically testing new end-user information systems: Theory and results, 1986."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.2307\/249008"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2009.56"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456659.1456667"},{"key":"e_1_3_2_1_7_1","volume-title":"The Discovery of Grounded Theory","author":"Glaser B. G.","year":"1967","unstructured":"B. G. Glaser and A. L. Strauss . The Discovery of Grounded Theory ; Strategies for Grounded Research. Aldine de Gruyter , New York, NY, 1967 . B. G. Glaser and A. L. Strauss. The Discovery of Grounded Theory; Strategies for Grounded Research. Aldine de Gruyter, New York, NY, 1967."},{"key":"e_1_3_2_1_8_1","volume-title":"The Security Development Lifecycle","author":"Howard M.","year":"2006","unstructured":"M. Howard and S. Lipner . The Security Development Lifecycle . Microsoft Press , Redmond, WA, USA , 2006 . M. Howard and S. Lipner. The Security Development Lifecycle. Microsoft Press, Redmond, WA, USA, 2006."},{"key":"e_1_3_2_1_9_1","volume-title":"Showing how security has (and hasn't) improved, after ten years of trying","author":"Kaminsky D.","year":"2011","unstructured":"D. Kaminsky , M. Eddington , and A. Cecchitti . Showing how security has (and hasn't) improved, after ten years of trying , 2011 . D. Kaminsky, M. Eddington, and A. Cecchitti. Showing how security has (and hasn't) improved, after ten years of trying, 2011."},{"key":"e_1_3_2_1_10_1","volume-title":"Principles and Practice of Structural Equation Modeling","author":"Kline R. B.","year":"2015","unstructured":"R. B. Kline . Principles and Practice of Structural Equation Modeling . Guilford Publications , 4 th edition, 2015 . R. B. Kline. Principles and Practice of Structural Equation Modeling. Guilford Publications, 4th edition, 2015.","edition":"4"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/647276.722338"},{"key":"e_1_3_2_1_12_1","volume-title":"Evaluation framework for object-oriented languages: Version 1.4","author":"Williams L. L. L.","year":"2004","unstructured":"L. L. L. Williams , W. Krebs . Evaluation framework for object-oriented languages: Version 1.4 , 2004 . L. L. L. Williams, W. Krebs. Evaluation framework for object-oriented languages: Version 1.4, 2004."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2006.06.009"},{"key":"e_1_3_2_1_14_1","volume-title":"Essential communication practices for extreme programming in a global software development team. Information and software Technology, 48(9):781--794","author":"Layman L.","year":"2006","unstructured":"L. Layman , L. Williams , D. Damian , and H. Bures . Essential communication practices for extreme programming in a global software development team. Information and software Technology, 48(9):781--794 , 2006 . Special Issue Section: Distributed software Development . L. Layman, L. Williams, D. Damian, and H. Bures. Essential communication practices for extreme programming in a global software development team. Information and software Technology, 48(9):781--794, 2006. Special Issue Section: Distributed software Development."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-7206(01)00143-4"},{"key":"e_1_3_2_1_16_1","unstructured":"M. Martinez and M. Pellegrino. Owasp software security assurance process. M. Martinez and M. Pellegrino. Owasp software security assurance process."},{"key":"e_1_3_2_1_17_1","volume-title":"Code Complete","author":"McConnell S.","year":"2004","unstructured":"S. McConnell . Code Complete , 2 nd ed. Microso. Press, Redmond, WA , 2004 . S. McConnell. Code Complete, 2nd ed. Microso. Press, Redmond, WA, 2004.","edition":"2"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1121680"},{"key":"e_1_3_2_1_19_1","volume-title":"The building security in maturity model","author":"McGraw G.","year":"2013","unstructured":"G. McGraw , S. Migues , and J. West . The building security in maturity model , 2013 . G. McGraw, S. Migues, and J. West. The building security in maturity model, 2013."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2016.103"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","DOI":"10.4135\/9781529682571","volume-title":"Qualitative Content Analysis in Practice","author":"Schreier M.","year":"2012","unstructured":"M. Schreier . Qualitative Content Analysis in Practice . SAGE Publications , New Delhi , 2012 . M. Schreier. Qualitative Content Analysis in Practice. SAGE Publications, New Delhi, 2012."},{"key":"e_1_3_2_1_22_1","unstructured":"S. Simpson M. Howard K. Randolph C. Goldschmidt M. Coles and M. Belk. Fundamental practices for secure software development. S. Simpson M. Howard K. Randolph C. Goldschmidt M. Coles and M. Belk. Fundamental practices for secure software development."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.2307\/30036540"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719036"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1108\/JEIM-09-2014-0088"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2008.01.010"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2012.10.002"}],"event":{"name":"HoTSoS '17: Symposium and Bootcamp","sponsor":["National Security Agency National Security Agency","Vanderbilt University Vanderbilt University","University of Maryland University of Maryland"],"location":"Hanover MD USA","acronym":"HoTSoS '17"},"container-title":["Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3055305.3055312","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3055305.3055312","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:23:26Z","timestamp":1750220606000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3055305.3055312"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,4,4]]},"references-count":27,"alternative-id":["10.1145\/3055305.3055312","10.1145\/3055305"],"URL":"https:\/\/doi.org\/10.1145\/3055305.3055312","relation":{},"subject":[],"published":{"date-parts":[[2017,4,4]]},"assertion":[{"value":"2017-04-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}