{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,1]],"date-time":"2025-07-01T23:14:24Z","timestamp":1751411664440,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":13,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,5,27]],"date-time":"2018-05-27T00:00:00Z","timestamp":1527379200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,5,27]]},"DOI":"10.1145\/3194707.3194708","type":"proceedings-article","created":{"date-parts":[[2018,8,30]],"date-time":"2018-08-30T14:00:37Z","timestamp":1535637637000},"page":"3-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Software security vulnerabilities"],"prefix":"10.1145","author":[{"given":"Pete","family":"Rotella","sequence":"first","affiliation":[{"name":"Cisco Systems, Inc."}]}],"member":"320","published-online":{"date-parts":[[2018,5,27]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Meli P. Scharfone K. and Romansky S. 2007. A Complete Guide to the Common Vulnerability Scoring System v 2.0; (June 2007); https:\/\/www.first.org\/cvss\/cvss-v2-guide.pdf.  Meli P. Scharfone K. and Romansky S. 2007. A Complete Guide to the Common Vulnerability Scoring System v 2.0; (June 2007); https:\/\/www.first.org\/cvss\/cvss-v2-guide.pdf."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW.2014.116"},{"volume-title":"2nd International Workshop on Software Engineering Research and Industrial Practice,\" Florence","year":"2015","author":"Rotella P.","key":"e_1_3_2_1_3_1"},{"volume-title":"Bergamo","year":"2015","author":"Rotella P.","key":"e_1_3_2_1_4_1"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2009.36"},{"key":"e_1_3_2_1_6_1","first-page":"526","volume-title":"Cape Town, South Africa","author":"Gegick M.","year":"2010"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.2015.7332492"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"J. Caballero E. Bodden and E. Athanasopoulos \"Engineering Secure Software Systems \" ESSoS 2016 (8<sup>th<\/sup> International Symposium Engineering Secure Software and Systems) London England April 2016.   J. Caballero E. Bodden and E. Athanasopoulos \"Engineering Secure Software Systems \" ESSoS 2016 (8<sup>th<\/sup> International Symposium Engineering Secure Software and Systems) London England April 2016.","DOI":"10.1007\/978-3-319-30806-7"},{"key":"e_1_3_2_1_9_1","unstructured":"R. Clarke D. Dorwin and R. Nash \"Is open source software more secure? https:\/\/courses.cs.washington.edu\/courses\/csep590\/05au\/whitepaper_turnin\/oss(10).pdf.  R. Clarke D. Dorwin and R. Nash \"Is open source software more secure? https:\/\/courses.cs.washington.edu\/courses\/csep590\/05au\/whitepaper_turnin\/oss(10).pdf."},{"key":"e_1_3_2_1_10_1","first-page":"189","volume-title":"Guelph","author":"Erturk E.","year":"2012"},{"key":"e_1_3_2_1_11_1","first-page":"192","volume-title":"Magosa","author":"Mahboob A.","year":"2013"},{"issue":"1","key":"e_1_3_2_1_12_1","first-page":"34","volume":"34","author":"Pandey R.","year":"2011","journal-title":"\"Reliability issues in open source software,\" in International Journal of Computer Applications"},{"volume-title":"Colmar","year":"2015","author":"Aversano L.","key":"e_1_3_2_1_13_1"}],"event":{"name":"ICSE '18: 40th International Conference on Software Engineering","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE-CS Computer Society"],"location":"Gothenburg Sweden","acronym":"ICSE '18"},"container-title":["Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3194707.3194708","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3194707.3194708","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:07:22Z","timestamp":1750273642000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3194707.3194708"}},"subtitle":["baselining and benchmarking"],"short-title":[],"issued":{"date-parts":[[2018,5,27]]},"references-count":13,"alternative-id":["10.1145\/3194707.3194708","10.1145\/3194707"],"URL":"https:\/\/doi.org\/10.1145\/3194707.3194708","relation":{},"subject":[],"published":{"date-parts":[[2018,5,27]]},"assertion":[{"value":"2018-05-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}