{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T12:28:48Z","timestamp":1766492928242,"version":"3.41.0"},"reference-count":0,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2019,11,14]],"date-time":"2019-11-14T00:00:00Z","timestamp":1573689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGSOFT Softw. Eng. Notes"],"published-print":{"date-parts":[[2019,11,14]]},"abstract":"<jats:p>Security is a non-functional requirement difficult-to-handle during software development. However, it appears to be common in software engineering, that security is taken care of during the design- and test-phase only. If security is neglected during the implementation phase, flaws will be introduced. Those may be - if at all - found during testing where the cost-to-fix is higher as if found during the implementation phase. Hence, this research proposal suggests to investigate the extent to which code analysis tools can be used as a step towards continuous security inspection in software engineering projects. By automating security testing in development flaws can be found as soon as they are introduced. This could greatly reduce the cost to fix flaws and help building more secure software.<\/jats:p>","DOI":"10.1145\/3356773.3356798","type":"journal-article","created":{"date-parts":[[2019,11,14]],"date-time":"2019-11-14T22:07:36Z","timestamp":1573769256000},"page":"23-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":19,"title":["Security by Design in Software Engineering"],"prefix":"10.1145","volume":"44","author":[{"given":"Mark","family":"Kreitz","sequence":"first","affiliation":[{"name":"Bundeswehr University Munich, Munich, Germany"}]}],"member":"320","published-online":{"date-parts":[[2020,10,22]]},"container-title":["ACM SIGSOFT Software Engineering Notes"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3356773.3356798","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3356773.3356798","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:22:55Z","timestamp":1750202575000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3356773.3356798"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,14]]},"references-count":0,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,11,14]]}},"alternative-id":["10.1145\/3356773.3356798"],"URL":"https:\/\/doi.org\/10.1145\/3356773.3356798","relation":{},"ISSN":["0163-5948"],"issn-type":[{"type":"print","value":"0163-5948"}],"subject":[],"published":{"date-parts":[[2019,11,14]]},"assertion":[{"value":"2020-10-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}