{"id":"https://openalex.org/W2804537277","doi":"https://doi.org/10.1109/access.2018.2840322","title":"A Readiness Model for Security Requirements Engineering","display_name":"A Readiness Model for Security Requirements Engineering","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2804537277","doi":"https://doi.org/10.1109/access.2018.2840322","mag":"2804537277"},"language":"en","primary_location":{"id":"doi:10.1109/access.2018.2840322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2840322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2018.2840322","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018555070","display_name":"Yusuf Mufti","orcid":null},"institutions":[{"id":"https://openalex.org/I134085113","display_name":"King Fahd University of Petroleum and Minerals","ror":"https://ror.org/03yez3163","country_code":"SA","type":"education","lineage":["https://openalex.org/I134085113"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Yusuf Mufti","raw_affiliation_strings":["King Fahd University of Petroleum & Minerals, Dhahran, SA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"King Fahd University of Petroleum & Minerals, Dhahran, SA","institution_ids":["https://openalex.org/I134085113"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041382184","display_name":"Mahmood Niazi","orcid":"https://orcid.org/0000-0001-7318-7644"},"institutions":[{"id":"https://openalex.org/I134085113","display_name":"King Fahd University of Petroleum and Minerals","ror":"https://ror.org/03yez3163","country_code":"SA","type":"education","lineage":["https://openalex.org/I134085113"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Mahmood Niazi","raw_affiliation_strings":["King Fahd University of Petroleum & Minerals, Dhahran, SA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"King Fahd University of Petroleum & Minerals, Dhahran, SA","institution_ids":["https://openalex.org/I134085113"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014589730","display_name":"Mohammad Alshayeb","orcid":"https://orcid.org/0000-0001-7950-0099"},"institutions":[{"id":"https://openalex.org/I134085113","display_name":"King Fahd University of Petroleum and Minerals","ror":"https://ror.org/03yez3163","country_code":"SA","type":"education","lineage":["https://openalex.org/I134085113"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Mohammad Alshayeb","raw_affiliation_strings":["King Fahd University of Petroleum & Minerals, Dhahran, SA"],"raw_orcid":"https://orcid.org/0000-0001-7950-0099","affiliations":[{"raw_affiliation_string":"King Fahd University of Petroleum & Minerals, Dhahran, SA","institution_ids":["https://openalex.org/I134085113"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5007816848","display_name":"Sajjad Mahmood","orcid":"https://orcid.org/0000-0001-5786-5118"},"institutions":[{"id":"https://openalex.org/I134085113","display_name":"King Fahd University of Petroleum and Minerals","ror":"https://ror.org/03yez3163","country_code":"SA","type":"education","lineage":["https://openalex.org/I134085113"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Sajjad Mahmood","raw_affiliation_strings":["King Fahd University of Petroleum & Minerals, Dhahran, SA"],"raw_orcid":"https://orcid.org/0000-0001-5786-5118","affiliations":[{"raw_affiliation_string":"King Fahd University of Petroleum & Minerals, Dhahran, SA","institution_ids":["https://openalex.org/I134085113"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":6.1697,"has_fulltext":false,"cited_by_count":44,"citation_normalized_percentile":{"value":0.96608707,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"6","issue":null,"first_page":"28611","last_page":"28631"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.6662728786468506},{"id":"https://openalex.org/keywords/requirements-engineering","display_name":"Requirements engineering","score":0.6100136041641235},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5979387760162354},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5812425017356873},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.5313870310783386},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.5019810199737549},{"id":"https://openalex.org/keywords/requirements-analysis","display_name":"Requirements analysis","score":0.4970255196094513},{"id":"https://openalex.org/keywords/social-software-engineering","display_name":"Social software engineering","score":0.4683486819267273},{"id":"https://openalex.org/keywords/software-requirements","display_name":"Software requirements","score":0.4650256633758545},{"id":"https://openalex.org/keywords/systems-development-life-cycle","display_name":"Systems development life cycle","score":0.4445134401321411},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.43249472975730896},{"id":"https://openalex.org/keywords/software-engineering-process-group","display_name":"Software Engineering Process Group","score":0.43248116970062256},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.42200398445129395},{"id":"https://openalex.org/keywords/personal-software-process","display_name":"Personal software process","score":0.41236305236816406},{"id":"https://openalex.org/keywords/engineering-management","display_name":"Engineering management","score":0.35904014110565186},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.350676953792572},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3488110601902008},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3198705315589905},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.2459946572780609},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.23449566960334778},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1988411843776703},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.15384414792060852}],"concepts":[{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.6662728786468506},{"id":"https://openalex.org/C6604083","wikidata":"https://www.wikidata.org/wiki/Q376937","display_name":"Requirements engineering","level":3,"score":0.6100136041641235},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5979387760162354},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5812425017356873},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.5313870310783386},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.5019810199737549},{"id":"https://openalex.org/C59488412","wikidata":"https://www.wikidata.org/wiki/Q187147","display_name":"Requirements analysis","level":3,"score":0.4970255196094513},{"id":"https://openalex.org/C182500959","wikidata":"https://www.wikidata.org/wiki/Q7551380","display_name":"Social software engineering","level":5,"score":0.4683486819267273},{"id":"https://openalex.org/C54534927","wikidata":"https://www.wikidata.org/wiki/Q4462275","display_name":"Software requirements","level":5,"score":0.4650256633758545},{"id":"https://openalex.org/C120617098","wikidata":"https://www.wikidata.org/wiki/Q559486","display_name":"Systems development life cycle","level":5,"score":0.4445134401321411},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.43249472975730896},{"id":"https://openalex.org/C44416564","wikidata":"https://www.wikidata.org/wiki/Q7554199","display_name":"Software Engineering Process Group","level":5,"score":0.43248116970062256},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.42200398445129395},{"id":"https://openalex.org/C39890963","wikidata":"https://www.wikidata.org/wiki/Q1702721","display_name":"Personal software process","level":5,"score":0.41236305236816406},{"id":"https://openalex.org/C110354214","wikidata":"https://www.wikidata.org/wiki/Q6314146","display_name":"Engineering management","level":1,"score":0.35904014110565186},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.350676953792572},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3488110601902008},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3198705315589905},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.2459946572780609},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.23449566960334778},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1988411843776703},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.15384414792060852},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2018.2840322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2840322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:6ae23f6075004739ac9d74d117163650","is_oa":true,"landing_page_url":"https://doaj.org/article/6ae23f6075004739ac9d74d117163650","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 6, Pp 28611-28631 (2018)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2018.2840322","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2018.2840322","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Responsible consumption and production","id":"https://metadata.un.org/sdg/12","score":0.47999998927116394}],"awards":[{"id":"https://openalex.org/G3279427423","display_name":null,"funder_award_id":"IN161024","funder_id":"https://openalex.org/F4320322323","funder_display_name":"King Fahd University of Petroleum and Minerals"}],"funders":[{"id":"https://openalex.org/F4320322323","display_name":"King Fahd University of Petroleum and Minerals","ror":"https://ror.org/03yez3163"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W4214443","https://openalex.org/W1510131813","https://openalex.org/W1526140543","https://openalex.org/W1592063330","https://openalex.org/W1601203870","https://openalex.org/W1870107365","https://openalex.org/W1922979104","https://openalex.org/W1988225931","https://openalex.org/W1989180756","https://openalex.org/W1993051533","https://openalex.org/W2013238834","https://openalex.org/W2013970737","https://openalex.org/W2015004885","https://openalex.org/W2022756008","https://openalex.org/W2047723056","https://openalex.org/W2052632834","https://openalex.org/W2056786770","https://openalex.org/W2062212465","https://openalex.org/W2075827835","https://openalex.org/W2078899285","https://openalex.org/W2081944711","https://openalex.org/W2085755607","https://openalex.org/W2086116693","https://openalex.org/W2095818413","https://openalex.org/W2100850651","https://openalex.org/W2119259807","https://openalex.org/W2127393411","https://openalex.org/W2135361367","https://openalex.org/W2135764524","https://openalex.org/W2150071393","https://openalex.org/W2153078420","https://openalex.org/W2210929881","https://openalex.org/W2294407885","https://openalex.org/W2342723101","https://openalex.org/W2507315740","https://openalex.org/W2510035844","https://openalex.org/W2523012251","https://openalex.org/W2543056837","https://openalex.org/W2547043776","https://openalex.org/W2759921978","https://openalex.org/W3161918289","https://openalex.org/W4205192141","https://openalex.org/W4242526644","https://openalex.org/W4251110838","https://openalex.org/W6600182073","https://openalex.org/W6636046094","https://openalex.org/W6640129242","https://openalex.org/W6672386099","https://openalex.org/W6677506591","https://openalex.org/W6812742317"],"related_works":["https://openalex.org/W1190389589","https://openalex.org/W4387124100","https://openalex.org/W2796574428","https://openalex.org/W2810677208","https://openalex.org/W2486935628","https://openalex.org/W2963218284","https://openalex.org/W1548760905","https://openalex.org/W2062964575","https://openalex.org/W3153864189","https://openalex.org/W4200131578"],"abstract_inverted_index":{"The":[0,79,207],"focus":[1],"on":[2,170],"secure":[3,33,50],"software":[4,15,27,43,51,227],"development":[5,16,28,52],"has":[6,215],"been":[7],"growing":[8],"steadily":[9],"in":[10,21,31,76,123,159,165,197,225],"all":[11],"phases":[12],"of":[13,26,36,72,81,129,173,223],"the":[14,22,37,42,70,120,124,163,171,174,185,189,201,205,213,216,220,226],"life":[17],"cycle.":[18],"Security":[19],"awareness":[20],"requirements":[23,74,89,101,143],"engineering":[24,75,90,102],"stage":[25],"is":[29,45,65,84],"important":[30],"building":[32],"software.":[34],"One":[35],"major":[38],"issues":[39],"faced":[40],"by":[41],"industry":[44],"that":[46,212],"many":[47],"organizations":[48,96],"undertake":[49,61],"initiatives":[53],"without":[54],"knowing":[55],"whether":[56],"they":[57],"are":[58],"ready":[59],"to":[60,68,85,94,97,108,118,149,161,182,199,204,218],"them.":[62],"Currently,":[63],"there":[64],"no":[66],"model":[67,92],"measure":[69],"readiness":[71,91,104,221],"security":[73,88,100,142],"an":[77],"organization.":[78],"objective":[80],"this":[82,110],"paper":[83],"develop":[86],"a":[87,112,151,166],"(SRERM)":[93],"enable":[95],"assess":[98],"their":[99],"(SRE)":[103],"levels.":[105],"In":[106],"order":[107,160,198],"achieve":[109],"goal,":[111],"systematic":[113],"mapping":[114],"study":[115,209],"was":[116,138],"conducted":[117,158,196],"identify":[119,219],"relevant":[121],"studies":[122,132,156,194],"SRE":[125,224],"domain.":[126],"A":[127],"total":[128],"104":[130],"primary":[131],"were":[133,157,180,195],"identified,":[134],"and":[135,145],"available":[136],"evidence":[137],"synthesized":[139],"into":[140],"12":[141],"categories":[144],"76":[146],"best":[147],"practices":[148],"build":[150],"SRERM.":[152,186,206],"Initially,":[153],"two":[154,175,191],"case":[155,176,193,208],"evaluate":[162,200],"SRERM":[164,214],"real-world":[167],"environment.":[168],"Based":[169],"outcomes":[172],"studies,":[177],"some":[178],"modifications":[179,202],"proposed":[181],"further":[183],"improve":[184],"After":[187],"modifying":[188],"SRERM,":[190],"more":[192],"made":[203],"results":[210],"indicate":[211],"ability":[217],"levels":[222],"industry.":[228]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":9},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":9},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}