{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,25]],"date-time":"2025-09-25T15:27:48Z","timestamp":1758814068125,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,8,27]],"date-time":"2018-08-27T00:00:00Z","timestamp":1535328000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,8,27]]},"DOI":"10.1145\/3230833.3233274","type":"proceedings-article","created":{"date-parts":[[2018,8,13]],"date-time":"2018-08-13T12:29:48Z","timestamp":1534163388000},"page":"1-7","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Surveying Secure Software Development Practices in Finland"],"prefix":"10.1145","author":[{"given":"Kalle","family":"Rindell","sequence":"first","affiliation":[{"name":"University of Turku, Turku, Finland"}]},{"given":"Jukka","family":"Ruohonen","sequence":"additional","affiliation":[{"name":"University of Turku, Turku, Finland"}]},{"given":"Sami","family":"Hyrynsalmi","sequence":"additional","affiliation":[{"name":"Tampere University of Technology, Pori, Finland"}]}],"member":"320","published-online":{"date-parts":[[2018,8,27]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Security Engineering: A Guide to Building Dependable Distributed Systems (2 ed.)","author":"Anderson Ross J.","year":"2008","unstructured":"Ross J. Anderson . 2008 . Security Engineering: A Guide to Building Dependable Distributed Systems (2 ed.) . Wiley Publishing . Ross J. Anderson. 2008. Security Engineering: A Guide to Building Dependable Distributed Systems (2 ed.). Wiley Publishing."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.796139"},{"volume-title":"Selected Writings on Computing: A Personal Perspective","author":"Dijkstra Edsger W.","key":"e_1_3_2_1_3_1","unstructured":"Edsger W. Dijkstra . 1982. Selected Writings on Computing: A Personal Perspective . Springer-Verlag . Edsger W. Dijkstra. 1982. Selected Writings on Computing: A Personal Perspective. Springer-Verlag."},{"key":"e_1_3_2_1_4_1","unstructured":"DoD. 1983. TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA. United States Department of Defence.  DoD. 1983. TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA. United States Department of Defence."},{"key":"e_1_3_2_1_5_1","unstructured":"DoD. 1994. SOFTWARE DEVELOPMENT AND DOCUMENTATION. United States Department of Defence.  DoD. 1994. SOFTWARE DEVELOPMENT AND DOCUMENTATION. United States Department of Defence."},{"volume-title":"The security development lifecycle","author":"Howard Michael","key":"e_1_3_2_1_6_1","unstructured":"Michael Howard and Steve Lipner . 2006. The security development lifecycle . Vol. 8 . Microsoft Press Redmond . Michael Howard and Steve Lipner. 2006. The security development lifecycle. Vol. 8. Microsoft Press Redmond."},{"key":"e_1_3_2_1_7_1","unstructured":"IEEE. 1990. IEEE Standard Glossary of Software Engineering Terminology. 1--84 pages.  IEEE. 1990. IEEE Standard Glossary of Software Engineering Terminology. 1--84 pages."},{"key":"e_1_3_2_1_8_1","unstructured":"ISO\/IEC. 2001. ISO\/IEC 9126. Software engineering -- Product quality. ISO\/IEC.  ISO\/IEC. 2001. ISO\/IEC 9126. Software engineering -- Product quality. ISO\/IEC."},{"key":"e_1_3_2_1_9_1","unstructured":"ISO\/IEC standard 21827. 2008. Information Technology -- Security Techniques -- Systems Security Engineering -- Capability Maturity Model (SSE-CMM). ISO\/IEC.  ISO\/IEC standard 21827. 2008. Information Technology -- Security Techniques -- Systems Security Engineering -- Capability Maturity Model (SSE-CMM). ISO\/IEC."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC.2016.062"},{"key":"e_1_3_2_1_11_1","volume-title":"Software Security: Building Security In","author":"McGraw Gary","year":"2006","unstructured":"Gary McGraw . 2006 . Software Security: Building Security In . Addison-Wesley Professional . Gary McGraw. 2006. Software Security: Building Security In. Addison-Wesley Professional."},{"key":"e_1_3_2_1_12_1","volume-title":"Datenschutz und Datensicherheit - DuD 36, 9 (01","author":"McGraw Gary","year":"2012","unstructured":"Gary McGraw . 2012. Software Security . Datenschutz und Datensicherheit - DuD 36, 9 (01 Sep 2012 ), 662--665. Gary McGraw. 2012. Software Security. Datenschutz und Datensicherheit - DuD 36, 9 (01 Sep 2012), 662--665."},{"key":"e_1_3_2_1_14_1","unstructured":"Microsoft. 2017. Security Development Lifecycle for Agile Development. (2017).  Microsoft. 2017. Security Development Lifecycle for Agile Development. (2017)."},{"key":"e_1_3_2_1_15_1","unstructured":"OECD. 2018. Government at a Glance 2017 -- Finland Country Fact Sheet. (2018). https:\/\/www.oecd.org\/gov\/gov-at-a-glance-2017-finland.pdf  OECD. 2018. Government at a Glance 2017 -- Finland Country Fact Sheet. (2018). https:\/\/www.oecd.org\/gov\/gov-at-a-glance-2017-finland.pdf"},{"key":"e_1_3_2_1_16_1","volume-title":"The Alarming State of Secure Coding Neglect: A Survey Reveals a Deep Divide Between Developer Aspirations for Security and Organizational Practices. (2017)","author":"Oram Andy","year":"2018","unstructured":"Andy Oram . 2017. The Alarming State of Secure Coding Neglect: A Survey Reveals a Deep Divide Between Developer Aspirations for Security and Organizational Practices. (2017) . O'Reilly Media, Inc. Referenced in 5th of May 2018 : https:\/\/www.oreilly.com\/ideas\/the-alarming-state-of-secure-coding-neglect. Andy Oram. 2017. The Alarming State of Secure Coding Neglect: A Survey Reveals a Deep Divide Between Developer Aspirations for Security and Organizational Practices. (2017). O'Reilly Media, Inc. Referenced in 5th of May 2018: https:\/\/www.oreilly.com\/ideas\/the-alarming-state-of-secure-coding-neglect."},{"key":"e_1_3_2_1_17_1","unstructured":"OWASP. 2017. Software Assurance Maturity Model. (2017). https:\/\/www.owasp.org\/images\/6\/6f\/SAMM_Core_V1-5_FINAL.pdf  OWASP. 2017. Software Assurance Maturity Model. (2017). https:\/\/www.owasp.org\/images\/6\/6f\/SAMM_Core_V1-5_FINAL.pdf"},{"volume-title":"Lean Software Development: An Agile Toolkit: An Agile Toolkit","author":"Poppendieck Mary","key":"e_1_3_2_1_18_1","unstructured":"Mary Poppendieck and Tom Poppendieck . 2003. Lean Software Development: An Agile Toolkit: An Agile Toolkit . Addison-Wesley . Mary Poppendieck and Tom Poppendieck. 2003. Lean Software Development: An Agile Toolkit: An Agile Toolkit. Addison-Wesley."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.4018\/IJSSE.2017010103"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of 14th Symposium on Programming Languages and Software Tools, Jyrki Nummenmaa, Outi Sievi-Korte, and Erkki M\u00e4kinen (Eds.)","author":"Rindell Kalle","year":"2015","unstructured":"Kalle Rindell , Sami Hyrynsalmi , and Ville Lepp\u00e4nen . 2015 . Securing Scrum for VAHTI . In Proceedings of 14th Symposium on Programming Languages and Software Tools, Jyrki Nummenmaa, Outi Sievi-Korte, and Erkki M\u00e4kinen (Eds.) . University of Tampere, Tampere, Finland, 236--250. Kalle Rindell, Sami Hyrynsalmi, and Ville Lepp\u00e4nen. 2015. Securing Scrum for VAHTI. In Proceedings of 14th Symposium on Programming Languages and Software Tools, Jyrki Nummenmaa, Outi Sievi-Korte, and Erkki M\u00e4kinen (Eds.). University of Tampere, Tampere, Finland, 236--250."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2372251.2372275"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3129790.3129804"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2014.03.041"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.03.009"},{"key":"e_1_3_2_1_25_1","volume-title":"Sovelluskehityksen tietoturvaohje. (2013). https:\/\/www.vahtiohje.fi\/web\/guest\/vahti-1\/2013-sovelluskehityksen-tietoturvaohje Referenced 8th","author":"VAHTI","year":"2017","unstructured":"VAHTI 1\/2013. 2013. Sovelluskehityksen tietoturvaohje. (2013). https:\/\/www.vahtiohje.fi\/web\/guest\/vahti-1\/2013-sovelluskehityksen-tietoturvaohje Referenced 8th Oct. 2017 . VAHTI 1\/2013. 2013. Sovelluskehityksen tietoturvaohje. (2013). https:\/\/www.vahtiohje.fi\/web\/guest\/vahti-1\/2013-sovelluskehityksen-tietoturvaohje Referenced 8th Oct. 2017."},{"key":"e_1_3_2_1_26_1","volume-title":"Building Secure Software: How to Avoid Security Problems the Right Way","author":"Viega John","unstructured":"John Viega and Gary McGraw . 2002. Building Secure Software: How to Avoid Security Problems the Right Way ( 1 st ed.). Addison-Wesley . John Viega and Gary McGraw. 2002. Building Secure Software: How to Avoid Security Problems the Right Way (1st ed.). Addison-Wesley.","edition":"1"}],"event":{"name":"ARES 2018: International Conference on Availability, Reliability and Security","sponsor":["Universit\u00e4t Hamburg Universit\u00e4t Hamburg"],"location":"Hamburg Germany","acronym":"ARES 2018"},"container-title":["Proceedings of the 13th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3230833.3233274","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3230833.3233274","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:07:51Z","timestamp":1750212471000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3230833.3233274"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,27]]},"references-count":25,"alternative-id":["10.1145\/3230833.3233274","10.1145\/3230833"],"URL":"https:\/\/doi.org\/10.1145\/3230833.3233274","relation":{},"subject":[],"published":{"date-parts":[[2018,8,27]]},"assertion":[{"value":"2018-08-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}