{"id":"https://openalex.org/W3194418750","doi":"https://doi.org/10.1007/s10270-022-00991-5","title":"Checking security compliance between models and code","display_name":"Checking security compliance between models and code","publication_year":2022,"publication_date":"2022-03-18","ids":{"openalex":"https://openalex.org/W3194418750","doi":"https://doi.org/10.1007/s10270-022-00991-5","mag":"3194418750"},"language":"en","primary_location":{"id":"doi:10.1007/s10270-022-00991-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10270-022-00991-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10270-022-00991-5.pdf","source":{"id":"https://openalex.org/S64245694","display_name":"Software & Systems Modeling","issn_l":"1619-1366","issn":["1619-1366","1619-1374"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software and Systems Modeling","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10270-022-00991-5.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007822940","display_name":"Katja Tuma","orcid":"https://orcid.org/0000-0001-7189-2817"},"institutions":[{"id":"https://openalex.org/I865915315","display_name":"Vrije Universiteit Amsterdam","ror":"https://ror.org/008xxew50","country_code":"NL","type":"education","lineage":["https://openalex.org/I865915315"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Katja Tuma","raw_affiliation_strings":["Vrije Universiteit Amsterdam, Amsterdam, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Vrije Universiteit Amsterdam, Amsterdam, The Netherlands","institution_ids":["https://openalex.org/I865915315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070179477","display_name":"Sven Peldszus","orcid":"https://orcid.org/0000-0002-2604-0487"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sven Peldszus","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000688587","display_name":"Daniel Str\u00fcber","orcid":"https://orcid.org/0000-0002-5969-3521"},"institutions":[{"id":"https://openalex.org/I66862912","display_name":"Chalmers University of Technology","ror":"https://ror.org/040wg7k59","country_code":"SE","type":"education","lineage":["https://openalex.org/I66862912"]},{"id":"https://openalex.org/I145872427","display_name":"Radboud University Nijmegen","ror":"https://ror.org/016xsfp80","country_code":"NL","type":"education","lineage":["https://openalex.org/I145872427"]}],"countries":["NL","SE"],"is_corresponding":false,"raw_author_name":"Daniel Str\u00fcber","raw_affiliation_strings":["Chalmers | Gothenburg University, G\u00f6teborg, Sweden","Radboud University Nijmegen, Nijmegen, The Netherlands"],"affiliations":[{"raw_affiliation_string":"Chalmers | Gothenburg University, G\u00f6teborg, Sweden","institution_ids":["https://openalex.org/I66862912"]},{"raw_affiliation_string":"Radboud University Nijmegen, Nijmegen, The Netherlands","institution_ids":["https://openalex.org/I145872427"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012313708","display_name":"Riccardo Scandariato","orcid":"https://orcid.org/0000-0003-3591-7671"},"institutions":[{"id":"https://openalex.org/I159176309","display_name":"Universit\u00e4t Hamburg","ror":"https://ror.org/00g30e956","country_code":"DE","type":"education","lineage":["https://openalex.org/I159176309"]},{"id":"https://openalex.org/I884043246","display_name":"Hamburg University of Technology","ror":"https://ror.org/04bs1pb34","country_code":"DE","type":"education","lineage":["https://openalex.org/I884043246"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Riccardo Scandariato","raw_affiliation_strings":["Hamburg University of Technology, Hamburg, Germany"],"affiliations":[{"raw_affiliation_string":"Hamburg University of Technology, Hamburg, Germany","institution_ids":["https://openalex.org/I159176309","https://openalex.org/I884043246"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029120753","display_name":"Jan J\u00fcrjens","orcid":"https://orcid.org/0000-0002-8938-0470"},"institutions":[{"id":"https://openalex.org/I2802076133","display_name":"University of Koblenz and Landau","ror":"https://ror.org/01j9f6752","country_code":"DE","type":"education","lineage":["https://openalex.org/I2802076133"]},{"id":"https://openalex.org/I4387153937","display_name":"Universit\u00e4t Koblenz","ror":"https://ror.org/0433e6t24","country_code":null,"type":"education","lineage":["https://openalex.org/I4387153937"]},{"id":"https://openalex.org/I4210163630","display_name":"Fraunhofer Institute for Software and Systems Engineering","ror":"https://ror.org/058kjq542","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210163630","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jan J\u00fcrjens","raw_affiliation_strings":["Fraunhofer Institute for Software and Systems Engineering ISST, Dortmund, Germany","University of Koblenz-Landau, Mainz, Germany"],"affiliations":[{"raw_affiliation_string":"Fraunhofer Institute for Software and Systems Engineering ISST, Dortmund, Germany","institution_ids":["https://openalex.org/I4210163630"]},{"raw_affiliation_string":"University of Koblenz-Landau, Mainz, Germany","institution_ids":["https://openalex.org/I2802076133","https://openalex.org/I4387153937"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5007822940"],"corresponding_institution_ids":["https://openalex.org/I865915315"],"apc_list":{"value":2290,"currency":"EUR","value_usd":2890},"apc_paid":{"value":2290,"currency":"EUR","value_usd":2890},"fwci":1.9365,"has_fulltext":true,"cited_by_count":13,"citation_normalized_percentile":{"value":0.85290193,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"22","issue":"1","first_page":"273","last_page":"296"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8931193351745605},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5795965194702148},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.5432494878768921},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5083596110343933},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5039767622947693},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5005190372467041},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.4973142445087433},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4922286570072174},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4592438042163849},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.4485008120536804},{"id":"https://openalex.org/keywords/source-lines-of-code","display_name":"Source lines of code","score":0.4180292785167694},{"id":"https://openalex.org/keywords/kpi-driven-code-analysis","display_name":"KPI-driven code analysis","score":0.4143190383911133},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3822551965713501},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3342481255531311},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3225530982017517},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2797914147377014},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.2465135157108307},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2340983748435974},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.22312191128730774},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.20797070860862732},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1262049674987793},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.08392718434333801}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8931193351745605},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5795965194702148},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.5432494878768921},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5083596110343933},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5039767622947693},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5005190372467041},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.4973142445087433},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4922286570072174},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4592438042163849},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.4485008120536804},{"id":"https://openalex.org/C199519371","wikidata":"https://www.wikidata.org/wiki/Q942695","display_name":"Source lines of code","level":3,"score":0.4180292785167694},{"id":"https://openalex.org/C121957198","wikidata":"https://www.wikidata.org/wiki/Q14365593","display_name":"KPI-driven code analysis","level":5,"score":0.4143190383911133},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3822551965713501},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3342481255531311},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3225530982017517},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2797914147377014},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.2465135157108307},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2340983748435974},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.22312191128730774},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.20797070860862732},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1262049674987793},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.08392718434333801},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":9,"locations":[{"id":"doi:10.1007/s10270-022-00991-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10270-022-00991-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10270-022-00991-5.pdf","source":{"id":"https://openalex.org/S64245694","display_name":"Software & Systems Modeling","issn_l":"1619-1366","issn":["1619-1366","1619-1374"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software and Systems Modeling","raw_type":"journal-article"},{"id":"pmh:oai:research.vu.nl:openaire/c0f9e2a5-aeef-4779-a9d5-2a7376564b75","is_oa":true,"landing_page_url":"https://research.vu.nl/en/publications/c0f9e2a5-aeef-4779-a9d5-2a7376564b75","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Tuma, K, Peldszus, S, Str\u00fcber, D, Scandariato, R & J\u00fcrjens, J 2023, 'Checking security compliance between models and code', Software and Systems Modeling, vol. 22, no. 1, pp. 273-296. https://doi.org/10.1007/s10270-022-00991-5","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:arXiv.org:2108.08579","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2108.08579","pdf_url":"https://arxiv.org/pdf/2108.08579","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:repository.ubn.ru.nl:2066/289900","is_oa":true,"landing_page_url":"https://hdl.handle.net/2066/289900","pdf_url":"https://repository.ubn.ru.nl//bitstream/handle/2066/289900/289900.pdf","source":{"id":"https://openalex.org/S4306401067","display_name":"Radboud Repository (Radboud University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I145872427","host_organization_name":"Radboud University Nijmegen","host_organization_lineage":["https://openalex.org/I145872427"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article / Letter to editor"},{"id":"pmh:ru:oai:repository.ubn.ru.nl:2066/289900","is_oa":true,"landing_page_url":"http://hdl.handle.net/2066/289900","pdf_url":"https://repository.ubn.ru.nl/bitstream/handle/2066/289900/1/289900.pdf","source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Software and Systems Modeling, 22, 273 - 296","raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:null:11420/14026","is_oa":true,"landing_page_url":"http://hdl.handle.net/11420/14026","pdf_url":null,"source":{"id":"https://openalex.org/S4306401751","display_name":"tub.dok (Hamburg University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I884043246","host_organization_name":"Hamburg University of Technology","host_organization_lineage":["https://openalex.org/I884043246"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal Article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/428187","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/428187","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"journal article"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/c0f9e2a5-aeef-4779-a9d5-2a7376564b75","is_oa":true,"landing_page_url":"https://hdl.handle.net/1871.1/c0f9e2a5-aeef-4779-a9d5-2a7376564b75","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Tuma, K, Peldszus, S, Str\u00fcber, D, Scandariato, R & J\u00fcrjens, J 2023, 'Checking security compliance between models and code', Software and Systems Modeling, vol. 22, no. 1, pp. 273-296. https://doi.org/10.1007/s10270-022-00991-5","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"doi:10.15480/882.4953","is_oa":true,"landing_page_url":"https://doi.org/10.15480/882.4953","pdf_url":null,"source":{"id":"https://openalex.org/S7407052987","display_name":"TUHH Open Research","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.1007/s10270-022-00991-5","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10270-022-00991-5","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10270-022-00991-5.pdf","source":{"id":"https://openalex.org/S64245694","display_name":"Software & Systems Modeling","issn_l":"1619-1366","issn":["1619-1366","1619-1374"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software and Systems Modeling","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/8","score":0.6000000238418579,"display_name":"Decent work and economic growth"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320875","display_name":"Deutscher Akademischer Austauschdienst","ror":"https://ror.org/039djdh30"},{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3194418750.pdf","grobid_xml":"https://content.openalex.org/works/W3194418750.grobid-xml"},"referenced_works_count":71,"referenced_works":["https://openalex.org/W146540859","https://openalex.org/W572872720","https://openalex.org/W1499141839","https://openalex.org/W1525731446","https://openalex.org/W1647671624","https://openalex.org/W1761184020","https://openalex.org/W1829867068","https://openalex.org/W1933769607","https://openalex.org/W1971500471","https://openalex.org/W1973944748","https://openalex.org/W1980974366","https://openalex.org/W1983872353","https://openalex.org/W2004901564","https://openalex.org/W2028834599","https://openalex.org/W2039122942","https://openalex.org/W2047590718","https://openalex.org/W2054332523","https://openalex.org/W2078197322","https://openalex.org/W2080946064","https://openalex.org/W2089132965","https://openalex.org/W2089216878","https://openalex.org/W2098019984","https://openalex.org/W2099752871","https://openalex.org/W2105285801","https://openalex.org/W2106371080","https://openalex.org/W2111937777","https://openalex.org/W2112857338","https://openalex.org/W2113115074","https://openalex.org/W2116560806","https://openalex.org/W2122049982","https://openalex.org/W2130475833","https://openalex.org/W2134296086","https://openalex.org/W2166743230","https://openalex.org/W2172100572","https://openalex.org/W2204102791","https://openalex.org/W2294072104","https://openalex.org/W2343325785","https://openalex.org/W2492688925","https://openalex.org/W2510711881","https://openalex.org/W2514968539","https://openalex.org/W2525290333","https://openalex.org/W2535972765","https://openalex.org/W2591902139","https://openalex.org/W2649501556","https://openalex.org/W2680736912","https://openalex.org/W2767443427","https://openalex.org/W2791828696","https://openalex.org/W2796023385","https://openalex.org/W2804646481","https://openalex.org/W2809689731","https://openalex.org/W2810028966","https://openalex.org/W2890916148","https://openalex.org/W2897344898","https://openalex.org/W2907724967","https://openalex.org/W2943425875","https://openalex.org/W2982646748","https://openalex.org/W2990442582","https://openalex.org/W3013132547","https://openalex.org/W3029236728","https://openalex.org/W3103102799","https://openalex.org/W3103666600","https://openalex.org/W3108199902","https://openalex.org/W3109195496","https://openalex.org/W4205736829","https://openalex.org/W4241796404","https://openalex.org/W4244726870","https://openalex.org/W4244969923","https://openalex.org/W4246206803","https://openalex.org/W4253790686","https://openalex.org/W4285413042","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2120086576","https://openalex.org/W4232396753","https://openalex.org/W2252827360","https://openalex.org/W2375214848","https://openalex.org/W2034209539","https://openalex.org/W2762611631","https://openalex.org/W2986478207","https://openalex.org/W100266679","https://openalex.org/W4312706861","https://openalex.org/W2148190602"],"abstract_inverted_index":{"Abstract":[0],"It":[1],"is":[2,44],"challenging":[3],"to":[4,95,125],"verify":[5],"that":[6,33],"the":[7,15,18,23,37,54,91,108,121,126,131,144],"planned":[8],"security":[9,25,31,105,128,139],"mechanisms":[10,26],"are":[11],"actually":[12],"implemented":[13,24],"in":[14,36,93,98,107],"software.":[16],"In":[17],"context":[19],"of":[20,120,130,138],"model-based":[21],"development,":[22],"must":[27],"capture":[28],"all":[29],"intended":[30],"properties":[32,129],"were":[34],"considered":[35],"design":[38,65,132],"models.":[39],"Assuring":[40],"this":[41],"compliance":[42,62,100,140],"manually":[43],"labor":[45],"intensive":[46],"and":[47,67,82,102,116,142],"can":[48],"be":[49],"error-prone.":[50],"This":[51],"work":[52],"introduces":[53],"first":[55],"semi-automatic":[56],"technique":[57],"for":[58],"secure":[59],"data":[60],"flow":[61],"checks":[63,141],"between":[64,74],"models":[66],"code.":[68,109],"We":[69,134],"develop":[70],"heuristic-based":[71],"automated":[72,114],"mappings":[73,111],"a":[75,83],"design-level":[76],"model":[77],"(SecDFD,":[78],"provided":[79],"by":[80],"humans)":[81],"code-level":[84],"representation":[85],"(Program":[86],"Model,":[87],"automatically":[88],"extracted":[89],"from":[90],"implementation)":[92],"order":[94],"guide":[96],"users":[97],"discovering":[99],"violations,":[101],"hence,":[103],"potential":[104],"flaws":[106],"These":[110],"enable":[112],"an":[113],",":[115],"project-specific":[117],"static":[118],"analysis":[119],"implementation":[122],"with":[123],"respect":[124],"desired":[127],"model.":[133],"developed":[135],"two":[136],"types":[137],"evaluated":[143],"entire":[145],"approach":[146],"on":[147],"open":[148],"source":[149],"Java":[150],"projects.":[151]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}