{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T07:43:56Z","timestamp":1770277436960,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,11,7]],"date-time":"2020-11-07T00:00:00Z","timestamp":1604707200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"National Science Foundation","award":["CCF-1941816"],"award-info":[{"award-number":["CCF-1941816"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,11,8]]},"DOI":"10.1145\/3368089.3417041","type":"proceedings-article","created":{"date-parts":[[2020,11,8]],"date-time":"2020-11-08T06:03:47Z","timestamp":1604815427000},"page":"1517-1520","source":"Crossref","is-referenced-by-count":5,"title":["Inferring and securing software configurations using automated reasoning"],"prefix":"10.1145","author":[{"given":"Paul","family":"Gazzillo","sequence":"first","affiliation":[{"name":"University of Central Florida, USA"}]}],"member":"320","published-online":{"date-parts":[[2020,11,7]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2642937.2642990"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/2541773"},{"key":"e_1_3_2_2_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2013.34"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2008.50"},{"key":"e_1_3_2_2_6_1","unstructured":"CVE. 2017. CVE-2017-9798. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-9798. Accessed: 2020-06-10.  CVE. 2017. CVE-2017-9798. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-9798. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_7_1","unstructured":"detectify blog. 2016. OWASP TOP 10: Security Misconfiguration. https:\/\/blog. detectify.com\/ 2016 \/06\/17\/owasp-top-10-security-misconfiguration-5 \/. Accessed: 2020-06-10.  detectify blog. 2016. OWASP TOP 10: Security Misconfiguration. https:\/\/blog. detectify.com\/ 2016 \/06\/17\/owasp-top-10-security-misconfiguration-5 \/. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_8_1","unstructured":"detectify blog. 2017. AWS S3 Misconfiguration Explained-And How To Fix It. https:\/\/blog.detectify.com\/ 2017 \/07\/13\/aws-s3-misconfiguration-explained-fix\/. Accessed: 2020-06-10.  detectify blog. 2017. AWS S3 Misconfiguration Explained-And How To Fix It. https:\/\/blog.detectify.com\/ 2017 \/07\/13\/aws-s3-misconfiguration-explained-fix\/. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2934466.2934467"},{"key":"e_1_3_2_2_10_1","unstructured":"Eclipse Foundation. 2018. IoT Developer Survey Results. https:\/\/iot.eclipse.org\/ community\/resources\/iot-surveys\/assets\/iot-developer-survey-2018.pdf. Accessed: 2020-06-10.  Eclipse Foundation. 2018. IoT Developer Survey Results. https:\/\/iot.eclipse.org\/ community\/resources\/iot-surveys\/assets\/iot-developer-survey-2018.pdf. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106283"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3233027.3236404"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2011.06.026"},{"key":"e_1_3_2_2_14_1","unstructured":"IEEE. 2012. IEEE Standard for Configuration Management in Systems and Software Engineering.  IEEE. 2012. IEEE Standard for Configuration Management in Systems and Software Engineering."},{"key":"e_1_3_2_2_15_1","volume-title":"Automated Technology for Verification and Analysis","author":"Marescotti Matteo"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884793"},{"key":"e_1_3_2_2_17_1","unstructured":"Kuldeep S. Meel Moshe Y. Vardi Supratik Chakraborty Daniel J. Fremont Sanjit A. Seshia Dror Fried Alexander Ivrii and Sharad Malik. 2015. Constrained Sampling and Counting: Universal Hashing Meets SAT Solving. CoRR abs\/1512.06633 ( 2015 ). arXiv: 1512.06633 http:\/\/arxiv.org\/abs\/1512.06633  Kuldeep S. Meel Moshe Y. Vardi Supratik Chakraborty Daniel J. Fremont Sanjit A. Seshia Dror Fried Alexander Ivrii and Sharad Malik. 2015. Constrained Sampling and Counting: Universal Hashing Meets SAT Solving. CoRR abs\/1512.06633 ( 2015 ). arXiv: 1512.06633 http:\/\/arxiv.org\/abs\/1512.06633"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC.2017.34"},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3338967"},{"key":"e_1_3_2_2_21_1","unstructured":"Krebs on Security. 2019. Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years. https:\/\/krebsonsecurity.com\/ 2019 \/03\/facebook-storedhundreds-of-millions-of-user-passwords-in-plain-text-for-years\/. Accessed: 2020-06-10.  Krebs on Security. 2019. Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years. https:\/\/krebsonsecurity.com\/ 2019 \/03\/facebook-storedhundreds-of-millions-of-user-passwords-in-plain-text-for-years\/. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_22_1","unstructured":"OWASP. [n.d.]. OWASP Top 10 2017 GM Data Analysis. https:\/\/github.com\/ OWASP\/Top10\/tree\/master\/2017\/datacall\/analysis. Accessed: 2020-06-10.  OWASP. [n.d.]. OWASP Top 10 2017 GM Data Analysis. https:\/\/github.com\/ OWASP\/Top10\/tree\/master\/2017\/datacall\/analysis. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_23_1","unstructured":"OWASP. [n.d.]. Top 10-2017: The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-pdf-archive\/OWASP_Top_10-2017_%28en% 29. pdf.pdf. Accessed: 2020-06-10.  OWASP. [n.d.]. Top 10-2017: The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-pdf-archive\/OWASP_Top_10-2017_%28en% 29. pdf.pdf. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_24_1","unstructured":"PCWorld. 2016. Massive smart device botnet highlights the dangers of default passwords. https:\/\/www.pcworld.com\/article\/3127257\/iot-botnet-highlights-thedangers-of-default-passwords.html. Accessed: 2020-06-10.  PCWorld. 2016. Massive smart device botnet highlights the dangers of default passwords. https:\/\/www.pcworld.com\/article\/3127257\/iot-botnet-highlights-thedangers-of-default-passwords.html. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_25_1","volume-title":"Proceedings of the International Workshop on Open Source Software and Product Lines","author":"Sincero J."},{"key":"e_1_3_2_2_26_1","volume-title":"Mobile & Tablet Operating System Market Share Worldwide"},{"key":"e_1_3_2_2_27_1","unstructured":"W3Techs World Wide Web Technology Surveys. 2019. Usage statistics of Apache. https:\/\/w3techs.com\/technologies\/details\/ws-apache\/all\/all. Accessed: 2020-06-10.  W3Techs World Wide Web Technology Surveys. 2019. Usage statistics of Apache. https:\/\/w3techs.com\/technologies\/details\/ws-apache\/all\/all. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_28_1","unstructured":"W3Techs World Wide Web Technology Surveys. 2019. Usage statistics of Unix for websites. https:\/\/w3techs.com\/technologies\/details\/os-unix\/all\/all. Accessed: 2020-06-10.  W3Techs World Wide Web Technology Surveys. 2019. Usage statistics of Unix for websites. https:\/\/w3techs.com\/technologies\/details\/os-unix\/all\/all. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_29_1","unstructured":"Sachin Kumar Microsoft TechNet. 2014. Why you should avoid manual 'server hardening'. https:\/\/blogs.technet.microsoft.com\/mspfe\/2014\/05\/29\/why-youshould-avoid-manual-server-hardening\/. Accessed: 2020-06-10.  Sachin Kumar Microsoft TechNet. 2014. Why you should avoid manual 'server hardening'. https:\/\/blogs.technet.microsoft.com\/mspfe\/2014\/05\/29\/why-youshould-avoid-manual-server-hardening\/. Accessed: 2020-06-10."},{"key":"e_1_3_2_2_30_1","unstructured":"Zack Whittaker. 2018. GitHub says bug exposed some plaintext passwords. https: \/\/www.zdnet.com\/article\/github-says-bug-exposed-account-passwords\/. Accessed: 2020-06-10.  Zack Whittaker. 2018. GitHub says bug exposed some plaintext passwords. https: \/\/www.zdnet.com\/article\/github-says-bug-exposed-account-passwords\/. Accessed: 2020-06-10."}],"event":{"name":"ESEC\/FSE '20: 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","location":"Virtual Event USA","acronym":"ESEC\/FSE '20","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368089.3417041","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368089.3417041","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3368089.3417041","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:58Z","timestamp":1750197718000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3368089.3417041"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,7]]},"references-count":28,"alternative-id":["10.1145\/3368089.3417041","10.1145\/3368089"],"URL":"https:\/\/doi.org\/10.1145\/3368089.3417041","relation":{},"subject":[],"published":{"date-parts":[[2020,11,7]]}}}