{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,18]],"date-time":"2025-10-18T00:09:35Z","timestamp":1760746175276,"version":"build-2065373602"},"reference-count":77,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T00:00:00Z","timestamp":1760313600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Software"],"abstract":"<jats:p>To ensure adequate skill development, but also competitive advantage as a software engineering organization, initiatives in cybersecurity training is one of several important investment decisions to make for management. This study builds upon three case organizations in Sweden and Greece, where managers\u2019 and software developers\u2019 perceptions on trialability and observability effects are analyzed, grounded in the theory of innovation diffusion. Using interviews and a developer-centric survey, both quantitative and qualitative data are collected, and used in combination to support the development of a pre-investment framework for management. The analysis includes thematic analysis, cosine similarity comparison, and, to some extent, sentiment polarity scoring. A pre-investment framework consisting of a process of seven concrete steps is proposed, based on the empirical findings in the study.<\/jats:p>","DOI":"10.3390\/software4040025","type":"journal-article","created":{"date-parts":[[2025,10,14]],"date-time":"2025-10-14T05:48:21Z","timestamp":1760420901000},"page":"25","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["From Intention to Adoption: Managerial Misalignment in Cybersecurity Training Investments for Software Development Organizations"],"prefix":"10.3390","volume":"4","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6327-3565","authenticated-orcid":false,"given":"Hannes","family":"Salin","sequence":"first","affiliation":[{"name":"School of Information and Engineering, Dalarna University, Stationsgatan 4, SE-78433 Borl\u00e4nge, Sweden"}]},{"given":"Vasileios","family":"Gkougkaras","sequence":"additional","affiliation":[{"name":"Independent Researcher, GR-15124 Athens, Greece"}]}],"member":"1968","published-online":{"date-parts":[[2025,10,13]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Petersons, E. (2025, May 01). Cybersecurity Challenges in the Era of Digitalization. Available online: https:\/\/papers.ssrn.com\/sol3\/papers.cfm?abstract_id=4723047.","DOI":"10.2139\/ssrn.4723047"},{"key":"ref_2","first-page":"278","article-title":"Challenges for organizational structure and design as a result of digitalization and cybersecurity","volume":"11","year":"2020","journal-title":"Bus. Manag. Rev."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"106700","DOI":"10.1016\/j.infsof.2021.106700","article-title":"Challenges and solutions when adopting DevSecOps: A systematic review","volume":"141","author":"Rajapakse","year":"2022","journal-title":"Inf. Softw. Technol."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"173127","DOI":"10.1109\/ACCESS.2024.3493957","article-title":"Ai enabled threat detection: Leveraging artificial intelligence for advanced security and cyber threat mitigation","volume":"12","author":"Kavitha","year":"2024","journal-title":"IEEE Access"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"57","DOI":"10.9734\/ajrcos\/2024\/v17i3424","article-title":"AI-Driven cloud security: Examining the impact of user behavior analysis on threat detection","volume":"17","author":"Olabanji","year":"2024","journal-title":"Asian J. Res. Comput. Sci."},{"key":"ref_6","first-page":"423","article-title":"Security-First DevOps: Integrating AI for Real-Time Threat Detection in CI\/CD Pipelines","volume":"1","author":"Vadde","year":"2023","journal-title":"Int. J. Adv. Eng. Technol. Innov."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Lala, S.K., Kumar, A., and Subbulakshmi, T. (2021, January 6\u20138). Secure web development using owasp guidelines. Proceedings of the 2021 5th International Conference on Intelligent Computing and Control Systems (ICICCS), Madurai, India.","DOI":"10.1109\/ICICCS51141.2021.9432179"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Lopez, T., Sharp, H., Tun, T., Bandara, A., Levine, M., and Nuseibeh, B. (2019, January 27). \u201cHopefully We Are Mostly Secure\u201d: Views on Secure Code in Professional Practice. Proceedings of the 2019 IEEE\/ACM 12th International Workshop on Cooperative and Human Aspects of Software Engineering (CHASE), Montreal, QC, Canada.","DOI":"10.1109\/CHASE.2019.00023"},{"key":"ref_9","first-page":"12","article-title":"Security-Centric Software Development: Integrating Secure Coding Practices into the Software Development Lifecycle","volume":"3","author":"Khair","year":"2018","journal-title":"Technol. Manag. Rev."},{"key":"ref_10","unstructured":"S\u00e1nchez-Gord\u00f3n, M., and Colomo-Palacios, R. (July, January 27). Security as culture: A systematic literature review of DevSecOps. Proceedings of the IEEE\/ACM 42nd International Conference on Software Engineering Workshops, Seoul, Republic of Korea."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"659","DOI":"10.1016\/j.bushor.2021.02.022","article-title":"Cybersecurity: Risk management framework and investment cost analysis","volume":"64","author":"Lee","year":"2021","journal-title":"Bus. Horizons"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"tyac006","DOI":"10.1093\/cybsec\/tyac006","article-title":"Developing metrics to assess the effectiveness of cybersecurity awareness program","volume":"8","author":"Chaudhary","year":"2022","journal-title":"J. Cybersecur."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Onwubiko, C., and Onwubiko, A. (2019, January 3\u20134). Cyber kpi for return on security investment. Proceedings of the 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA), Oxford, UK.","DOI":"10.1109\/CyberSA.2019.8899375"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Koutsouris, N., Vassilakis, C., and Kolokotronis, N. (2021, January 26\u201328). Cyber-security training evaluation metrics. Proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (CSR), Virtual.","DOI":"10.1109\/CSR51186.2021.9527946"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Ryan, I., Roedig, U., and Stol, K.J. (2023, January 14\u201320). Measuring secure coding practice and culture: A finger pointing at the moon is not the moon. Proceedings of the 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE), Melbourne, VIC, Australia.","DOI":"10.1109\/ICSE48619.2023.00140"},{"key":"ref_16","unstructured":"Salin, H., and Gkougkaras, V. (2025, August 10). The Effects of Cybersecurity Training for Software Development Organizations. Blekinge Tekniska H\u00f6gskola. Available online: http:\/\/www.diva-portal.org\/smash\/get\/diva2:1979684\/FULLTEXT01.pdf."},{"key":"ref_17","unstructured":"Rogers, E.M., Singhal, A., and Quinlan, M.M. (2014). Diffusion of innovations. An Integrated Approach to Communication Theory and Research, Routledge."},{"key":"ref_18","first-page":"1","article-title":"Diffusion of innovation","volume":"Volume 1","year":"2020","journal-title":"The International Encyclopedia of Media Psychology"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"581","DOI":"10.1111\/j.0887-378X.2004.00325.x","article-title":"Diffusion of innovations in service organizations: Systematic review and recommendations","volume":"82","author":"Greenhalgh","year":"2004","journal-title":"Milbank Q."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Assidi, S., Omran, M., Rana, T., and Borgi, H. (2025). The role of AI adoption in transforming the accounting profession: A diffusion of innovations theory approach. J. Account. Organ. Change.","DOI":"10.1108\/JAOC-04-2024-0124"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Assimakopoulos, D., Carayannis, E.G., and Zeng, C. (2025). Digital Financial Inclusion Through Mobile Finance Innovation in Rural China: Cases from a Multi-level Study at the Base of the Pyramid. J. Knowl. Econ.","DOI":"10.1007\/s13132-025-02608-w"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"3573","DOI":"10.62754\/joe.v4i1.6208","article-title":"Adoption of Website Technology as a Business Funding Platform for Student MSMEs: Diffusion of Innovation (DOI) Theory Perspective","volume":"4","author":"Utami","year":"2025","journal-title":"J. Ecohumanism"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"104058","DOI":"10.1016\/j.im.2024.104058","article-title":"Innovation recipes for high use on four Fintech types: A configurational perspective","volume":"62","author":"Ryu","year":"2025","journal-title":"Inf. Manag."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"e000926","DOI":"10.1136\/bmjph-2024-000926","article-title":"Applying a diffusion of innovations framework to characterise diffusion groups and more effectively reach late adopters: A cross-sectional study on COVID-19 vaccinations in Canada in late 2021","volume":"3","author":"Memedovich","year":"2025","journal-title":"BMJ Public Health"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"8109","DOI":"10.1287\/mnsc.2023.00496","article-title":"Innovation Diffusion Among Coworkers: Evidence from Senior Doctors","volume":"71","author":"Barrenho","year":"2025","journal-title":"Manag. Sci."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"2459910","DOI":"10.1080\/10872981.2025.2459910","article-title":"Digital health competences and AI beliefs as conditions for the practice of evidence-based medicine: A study of prospective physicians in Canada","volume":"30","author":"Wagner","year":"2025","journal-title":"Med. Educ. Online"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"381","DOI":"10.1080\/02607476.2025.2469128","article-title":"The diffusion of artificial intelligence innovation: Perspectives of preservice teachers on the integration of ChatGPT in education","volume":"51","author":"Nissim","year":"2025","journal-title":"J. Educ. Teach."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Oh, H., Ahn, H., and Park, E. (2025). Understanding user intention in metaverse education: A synthesis of diffusion of innovation and UTAUT2. Behav. Inf. Technol.","DOI":"10.1080\/0144929X.2025.2486583"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"756","DOI":"10.1108\/GKMC-08-2020-0117","article-title":"Knowledge management systems usage: Application of diffusion of innovation theory","volume":"70","author":"Okour","year":"2021","journal-title":"Glob. Knowl. Mem. Commun."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"123877","DOI":"10.1016\/j.techfore.2024.123877","article-title":"Unraveling the dynamics of digital equality and trust in AI-empowered metaverses and AI-VR-convergence","volume":"210","author":"Jin","year":"2025","journal-title":"Technol. Forecast. Soc. Change"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"297","DOI":"10.1146\/annurev.soc.28.110601.141051","article-title":"Integrating Models of Diffusion of Innovations: A Conceptual Framework","volume":"28","author":"Wejnert","year":"2002","journal-title":"Annu. Rev. Sociol."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Thomas, D. (2017). Investment analysis methods, A Practitioner\u2019s Guide to Understanding the Basic Principles for Investment Decisions in Manufacturing.","DOI":"10.6028\/NIST.AMS.200-5"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Zhichkin, K., Nosov, V., Zhichkin, A., and \u0141akomiak, A. (2021, January 2). Implementation of Sustainability Analyzes in Software Products for Evaluating the Effectiveness of Investment Projects. Proceedings of the International Scientific and Practical Conference Digital and Information Technologies in Economics and Management, Virtually.","DOI":"10.1007\/978-3-030-97730-6_6"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3701208","article-title":"Tales of Transitions: Seeking Scientific Software Sustainability","volume":"9","author":"Cohoon","year":"2025","journal-title":"Proc. ACM-Hum.-Comput. Interact."},{"key":"ref_35","first-page":"225","article-title":"What is behind software quality management systems?","volume":"4","author":"Woodman","year":"2025","journal-title":"WIT Trans. Inf. Commun. Technol."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"60955","DOI":"10.1109\/ACCESS.2025.3556313","article-title":"Rethinking Technological Investment and Cost-Benefit: A Software Requirements Dependency Extraction Case Study","volume":"13","author":"Ginde","year":"2025","journal-title":"IEEE Access"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"88","DOI":"10.1109\/MS.2006.127","article-title":"How much software quality investment is enough: A value-based approach","volume":"23","author":"Huang","year":"2006","journal-title":"IEEE Softw."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"12175","DOI":"10.1109\/ACCESS.2017.2773366","article-title":"An options approach to cybersecurity investment","volume":"6","author":"Chronopoulos","year":"2017","journal-title":"IEEE Access"},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1111\/joes.12456","article-title":"Dangerous games: A literature review on cybersecurity investments","volume":"36","author":"Fedele","year":"2022","journal-title":"J. Econ. Surv."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1108\/JBS-06-2020-0116","article-title":"Cybersecurity: Investing for competitive outcomes","volume":"43","author":"Kosutic","year":"2022","journal-title":"J. Bus. Strategy"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1108\/11766090710754204","article-title":"Strategic investment decision making: The influence of pre-decision control mechanisms","volume":"4","author":"Alkaraan","year":"2007","journal-title":"Qual. Res. Account. Manag."},{"key":"ref_42","first-page":"147","article-title":"Adopting Secure Software Development Practices to Improve Financial Transactions in the Banking Sector","volume":"11","author":"Abbas","year":"2025","journal-title":"Int. J. Adv. Res. Ideas Innov. Technol."},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"436","DOI":"10.1016\/j.future.2021.05.033","article-title":"Economic model for evaluating the value creation through information sharing within the cybersecurity information sharing ecosystem","volume":"124","author":"Rashid","year":"2021","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2016.09.006","article-title":"A model of the information security investment decision-making process","volume":"63","author":"Dor","year":"2016","journal-title":"Comput. Secur."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"613","DOI":"10.1108\/IMDS-08-2020-0462","article-title":"Cybersecurity awareness training programs: A cost\u2013benefit analysis framework","volume":"121","author":"Zhang","year":"2021","journal-title":"Ind. Manag. Data Syst."},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1145\/581271.581274","article-title":"The economics of information security investment","volume":"5","author":"Gordon","year":"2002","journal-title":"ACM Trans. Inf. Syst. Secur. TISSEC"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"tyaa005","DOI":"10.1093\/cybsec\/tyaa005","article-title":"Integrating cost\u2013benefit analysis into the NIST Cybersecurity Framework via the Gordon\u2013Loeb Model","volume":"6","author":"Gordon","year":"2020","journal-title":"J. Cybersecur."},{"key":"ref_48","first-page":"115","article-title":"Information segmentation and investing in cybersecurity","volume":"12","author":"Gordon","year":"2020","journal-title":"J. Inf. Secur."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Husseis, A., Flores, J.L., Bregar, A., Mazzeo, G., and Coppolino, L. (2023, January 11\u201315). Enhancing Cybersecurity Proactive Decision-Making Through Attack Tree Analysis and MITRE Framework. Proceedings of the 2023 IEEE International Carnahan Conference on Security Technology (ICCST), Pune, India.","DOI":"10.1109\/ICCST59048.2023.10726853"},{"key":"ref_50","unstructured":"Dumitru, D., and Ion, T. (June, January 30). Cybersecurity educational programs: Costs and benefits. Proceedings of the 2019 New Trends in Sustainable Business and Consumption Conference, Bari, Italy."},{"key":"ref_51","unstructured":"Cefaratti, V. (2021). The Human Factor: Identifying and Providing a Cost-Benefit Analysis of Cybersecurity Education. [Master\u2019s Thesis, Utica College]."},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Taherdoost, H. (2024). Towards an Innovative Model for Cybersecurity Awareness Training. Information, 15.","DOI":"10.3390\/info15090512"},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"100","DOI":"10.51594\/csitrj.v5i1.708","article-title":"Cybersecurity awareness and education programs: A review of employee engagement and accountability","volume":"5","author":"Abrahams","year":"2024","journal-title":"Comput. Sci. IT Res. J."},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"319","DOI":"10.2307\/249008","article-title":"Perceived usefulness, perceived ease of use, and user acceptance of information technology","volume":"13","author":"Davis","year":"1989","journal-title":"MIS Q."},{"key":"ref_55","unstructured":"Dash, B., and Ansari, M.F. (2025, May 10). An Effective Cybersecurity Awareness Training Model: First Defense of an Organizational Security Strategy. Available online: https:\/\/www.researchgate.net\/publication\/359772764_An_Effective_Cybersecurity_Awareness_Training_Model_First_Defense_of_an_Organizational_Security_Strategy."},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"555","DOI":"10.1080\/1475939X.2023.2248134","article-title":"Stakeholders\u2019 opinions support the people-process-technology framework for implementing digital transformation in higher education","volume":"32","author":"Taher","year":"2023","journal-title":"Technol. Pedagog. Educ."},{"key":"ref_57","doi-asserted-by":"crossref","first-page":"425","DOI":"10.2307\/30036540","article-title":"User acceptance of information technology: Toward a unified view","volume":"27","author":"Venkatesh","year":"2003","journal-title":"MIS Q."},{"key":"ref_58","unstructured":"Bryman, A. (2016). Social Research Methods, Oxford University Press."},{"key":"ref_59","unstructured":"Yin, R.K. (2017). Case Study Research and Applications: Design and Methods, Sage Publications."},{"key":"ref_60","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1191\/1478088706qp063oa","article-title":"Using thematic analysis in psychology","volume":"3","author":"Braun","year":"2006","journal-title":"Qual. Res. Psychol."},{"key":"ref_61","doi-asserted-by":"crossref","unstructured":"Krippendorff, K. (2018). Content Analysis: An Introduction to Its Methodology, Sage Publications.","DOI":"10.4135\/9781071878781"},{"key":"ref_62","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.cosrev.2017.10.002","article-title":"The evolution of sentiment analysis\u2014A review of research topics, venues, and top cited papers","volume":"27","author":"Graziotin","year":"2018","journal-title":"Comput. Sci. Rev."},{"key":"ref_63","doi-asserted-by":"crossref","unstructured":"Bhattacharjee, S., Das, A., Bhattacharya, U., Parui, S.K., and Roy, S. (2015, January 9\u201311). Sentiment analysis using cosine similarity measure. Proceedings of the 2015 IEEE 2nd International Conference on Recent Trends in Information Systems (ReTIS), Kolkata, India.","DOI":"10.1109\/ReTIS.2015.7232847"},{"key":"ref_64","doi-asserted-by":"crossref","unstructured":"Mulugoju, A., M, N.R., and Mohammed, M. (2023, January 23\u201325). Social Network-based Data Clustering with Sampling-based Multiview-Points Cosine-based Similarity Metrics of Hybrid Topic Models. Proceedings of the 2023 Second International Conference on Augmented Intelligence and Sustainable Systems (ICAISS), Trichy, India.","DOI":"10.1109\/ICAISS58487.2023.10250738"},{"key":"ref_65","doi-asserted-by":"crossref","unstructured":"Pandey, R., Chaudhari, D., Bhawani, S., Pawar, O., and Barve, S. (2023, January 7\u201318). Interview Bot with Automatic Question Generation and Answer Evaluation. Proceedings of the 2023 9th International Conference on Advanced Computing and Communication Systems (ICACCS), Coimbatore, India.","DOI":"10.1109\/ICACCS57279.2023.10112918"},{"key":"ref_66","doi-asserted-by":"crossref","unstructured":"Zirpe, S., and Joglekar, B. (2017, January 6\u20137). Polarity shift detection approaches in sentiment analysis: A survey. Proceedings of the 2017 International Conference on Inventive Systems and Control (ICISC), Coimbatore, India.","DOI":"10.1109\/ICISC.2017.8068737"},{"key":"ref_67","unstructured":"Tremblay, P.D. (2025, September 01). Shaping and Adapting: Unlocking the Power of Colonel John Boyd\u2019s OODA Loop. Available online: https:\/\/www.pogo.org\/investigations\/unlocking-power-of-colonel-john-boyds-ooda-loop."},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"Petersen, R., Santos, D., Smith, M., and Witte, G. (2020). Workforce Framework for Cybersecurity (NICE Framework), Technical Report.","DOI":"10.6028\/NIST.SP.800-181r1-draft"},{"key":"ref_69","unstructured":"European Commission (2025, April 28). SME Definition. Available online: https:\/\/single-market-economy.ec.europa.eu\/smes\/sme-fundamentals\/sme-definition_en."},{"key":"ref_70","doi-asserted-by":"crossref","first-page":"16094069251333886","DOI":"10.1177\/16094069251333886","article-title":"Thematic Analysis and Artificial Intelligence: A Step-by-Step Process for Using ChatGPT in Thematic Analysis","volume":"24","author":"Naeem","year":"2025","journal-title":"Int. J. Qual. Methods"},{"key":"ref_71","first-page":"390","article-title":"The use of Generative AI in qualitative analysis: Inductive thematic analysis with ChatGPT","volume":"7","author":"Perkins","year":"2024","journal-title":"J. Appl. Learn. Teach."},{"key":"ref_72","unstructured":"Zhang, H., Wu, C., Xie, J., Lyu, Y., Cai, J., and Carroll, J.M. (2023). Redefining qualitative analysis in the AI era: Utilizing ChatGPT for efficient thematic analysis. arXiv."},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"38805","DOI":"10.1109\/ACCESS.2023.3268224","article-title":"Exploring students\u2019 perceptions of ChatGPT: Thematic analysis and follow-up survey","volume":"11","author":"Shoufan","year":"2023","journal-title":"IEEE Access"},{"key":"ref_74","doi-asserted-by":"crossref","first-page":"e2744","DOI":"10.1002\/smr.2744","article-title":"A SWOT Analysis of Software Development Life Cycle Security Metrics","volume":"37","author":"Khalid","year":"2025","journal-title":"J. Softw. Evol. Process"},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Sampada, G., Sake, T. (2021). A systematic review on security metric in secure software development lifecycle. Smart Computing, CRC Press.","DOI":"10.1201\/9781003167488-38"},{"key":"ref_76","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1016\/j.infsof.2018.05.011","article-title":"Mapping the field of software life cycle security metrics","volume":"102","author":"Morrison","year":"2018","journal-title":"Inf. Softw. Technol."},{"key":"ref_77","doi-asserted-by":"crossref","unstructured":"Ghaisas, S., Rose, P., Daneva, M., Sikkel, K., and Wieringa, R.J. (2013, January 20). Generalizing by similarity: Lessons learnt from industrial case studies. Proceedings of the 2013 1st International Workshop on Conducting Empirical Studies in Industry (CESI), San Francisco, CA, USA.","DOI":"10.1109\/CESI.2013.6618468"}],"container-title":["Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2674-113X\/4\/4\/25\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,17]],"date-time":"2025-10-17T04:11:07Z","timestamp":1760674267000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2674-113X\/4\/4\/25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,13]]},"references-count":77,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2025,12]]}},"alternative-id":["software4040025"],"URL":"https:\/\/doi.org\/10.3390\/software4040025","relation":{},"ISSN":["2674-113X"],"issn-type":[{"type":"electronic","value":"2674-113X"}],"subject":[],"published":{"date-parts":[[2025,10,13]]}}}