{"id":"https://openalex.org/W4285214171","doi":"https://doi.org/10.1109/access.2022.3179822","title":"Analyzing and Evaluating Critical Cyber Security Challenges Faced by Vendor Organizations in Software Development: SLR Based Approach","display_name":"Analyzing and Evaluating Critical Cyber Security Challenges Faced by Vendor Organizations in Software Development: SLR Based Approach","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4285214171","doi":"https://doi.org/10.1109/access.2022.3179822"},"language":"en","primary_location":{"id":"doi:10.1109/access.2022.3179822","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3179822","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09786760.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09786760.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047683277","display_name":"Abdul Wahid Khan","orcid":"https://orcid.org/0000-0003-0415-099X"},"institutions":[{"id":"https://openalex.org/I4210154218","display_name":"University of Science and Technology Bannu","ror":"https://ror.org/04be2dn15","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210154218"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Abdul Wahid Khan","raw_affiliation_strings":["Department of Computer Science, University of Science and Technology Bannu, Khyber Pakhtunkhwa, Pakistan","Technology Bannu, KP, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-0415-099X","affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Science and Technology Bannu, Khyber Pakhtunkhwa, Pakistan","institution_ids":["https://openalex.org/I4210154218"]},{"raw_affiliation_string":"Technology Bannu, KP, Pakistan","institution_ids":["https://openalex.org/I4210154218"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021338963","display_name":"Shah Zaib","orcid":null},"institutions":[{"id":"https://openalex.org/I4210154218","display_name":"University of Science and Technology Bannu","ror":"https://ror.org/04be2dn15","country_code":"PK","type":"education","lineage":["https://openalex.org/I4210154218"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Shah Zaib","raw_affiliation_strings":["Department of Computer Science, University of Science and Technology Bannu, Khyber Pakhtunkhwa, Pakistan","Technology Bannu, KP, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-0443-2428","affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Science and Technology Bannu, Khyber Pakhtunkhwa, Pakistan","institution_ids":["https://openalex.org/I4210154218"]},{"raw_affiliation_string":"Technology Bannu, KP, Pakistan","institution_ids":["https://openalex.org/I4210154218"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071662846","display_name":"Faheem Khan","orcid":"https://orcid.org/0000-0001-6220-0225"},"institutions":[{"id":"https://openalex.org/I12832649","display_name":"Gachon University","ror":"https://ror.org/03ryywt80","country_code":"KR","type":"education","lineage":["https://openalex.org/I12832649"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Faheem Khan","raw_affiliation_strings":["Department of Computer Engineering, Gachon University, Seongnam, South Korea","Department of Computer Engineering, Gachon University, Seongnam, 13120, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Gachon University, Seongnam, South Korea","institution_ids":["https://openalex.org/I12832649"]},{"raw_affiliation_string":"Department of Computer Engineering, Gachon University, Seongnam, 13120, South Korea","institution_ids":["https://openalex.org/I12832649"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032303385","display_name":"\u0130lhan Tar\u0131mer","orcid":"https://orcid.org/0000-0002-7274-5680"},"institutions":[{"id":"https://openalex.org/I79946792","display_name":"Mu\u011fla University","ror":"https://ror.org/05n2cz176","country_code":"TR","type":"education","lineage":["https://openalex.org/I79946792"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Ilhan Tarimer","raw_affiliation_strings":["Department of Information Systems Engineering, Mugla Sitki Kocman University, Mugla, Turkey"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Information Systems Engineering, Mugla Sitki Kocman University, Mugla, Turkey","institution_ids":["https://openalex.org/I79946792"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051250672","display_name":"Jung Taek Seo","orcid":"https://orcid.org/0000-0003-0971-8548"},"institutions":[{"id":"https://openalex.org/I12832649","display_name":"Gachon University","ror":"https://ror.org/03ryywt80","country_code":"KR","type":"education","lineage":["https://openalex.org/I12832649"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jung Taek Seo","raw_affiliation_strings":["Department of Computer Engineering, Gachon University, Seongnam, South Korea","Department of Computer Engineering, Gachon University, Seongnam, 13120, South Korea"],"raw_orcid":"https://orcid.org/0000-0003-0971-8548","affiliations":[{"raw_affiliation_string":"Department of Computer Engineering, Gachon University, Seongnam, South Korea","institution_ids":["https://openalex.org/I12832649"]},{"raw_affiliation_string":"Department of Computer Engineering, Gachon University, Seongnam, 13120, South Korea","institution_ids":["https://openalex.org/I12832649"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5055766787","display_name":"Jiho Shin","orcid":"https://orcid.org/0000-0002-2697-8221"},"institutions":[{"id":"https://openalex.org/I323440827","display_name":"Korean National Police University","ror":"https://ror.org/02s89kd69","country_code":"KR","type":"education","lineage":["https://openalex.org/I323440827"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Jiho Shin","raw_affiliation_strings":["Police Science Institute, Korea National Police University, Asan, South Korea","Police Science Institute, Korea National Police University, Asan, 31539, South Korea"],"raw_orcid":"https://orcid.org/0000-0002-2697-8221","affiliations":[{"raw_affiliation_string":"Police Science Institute, Korea National Police University, Asan, South Korea","institution_ids":["https://openalex.org/I323440827"]},{"raw_affiliation_string":"Police Science Institute, Korea National Police University, Asan, 31539, South Korea","institution_ids":["https://openalex.org/I323440827"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5047683277"],"corresponding_institution_ids":["https://openalex.org/I4210154218"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":9.5632,"has_fulltext":true,"cited_by_count":33,"citation_normalized_percentile":{"value":0.98024335,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"10","issue":null,"first_page":"65044","last_page":"65054"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9825999736785889,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9746000170707703,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vendor","display_name":"Vendor","score":0.8175429105758667},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6061886548995972},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48361340165138245},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4489278197288513},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3686493933200836},{"id":"https://openalex.org/keywords/engineering-management","display_name":"Engineering management","score":0.3626481890678406},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.212169349193573},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1478653848171234},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07683724164962769}],"concepts":[{"id":"https://openalex.org/C2777338717","wikidata":"https://www.wikidata.org/wiki/Q1762621","display_name":"Vendor","level":2,"score":0.8175429105758667},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6061886548995972},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48361340165138245},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4489278197288513},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3686493933200836},{"id":"https://openalex.org/C110354214","wikidata":"https://www.wikidata.org/wiki/Q6314146","display_name":"Engineering management","level":1,"score":0.3626481890678406},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.212169349193573},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1478653848171234},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07683724164962769},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2022.3179822","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3179822","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09786760.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:8e43e010f88541c3843bd1adcde9f761","is_oa":true,"landing_page_url":"https://doaj.org/article/8e43e010f88541c3843bd1adcde9f761","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 10, Pp 65044-65054 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2022.3179822","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2022.3179822","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/09786760.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Climate action","score":0.49000000953674316,"id":"https://metadata.un.org/sdg/13"}],"awards":[{"id":"https://openalex.org/G1600267181","display_name":null,"funder_award_id":"2101058","funder_id":"https://openalex.org/F4320322037","funder_display_name":"Nuclear Safety and Security Commission"},{"id":"https://openalex.org/G2429850211","display_name":null,"funder_award_id":"2021-0-00493","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G3700732605","display_name":null,"funder_award_id":"2021-0-00493","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"},{"id":"https://openalex.org/G5438429304","display_name":null,"funder_award_id":"2021-0-00493","funder_id":"https://openalex.org/F4320335839","funder_display_name":"National Institute of Information and Communications Technology"}],"funders":[{"id":"https://openalex.org/F4320322037","display_name":"Nuclear Safety and Security Commission","ror":"https://ror.org/05qk3ge34"},{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"},{"id":"https://openalex.org/F4320335839","display_name":"National Institute of Information and Communications Technology","ror":"https://ror.org/016bgq349"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4285214171.pdf","grobid_xml":"https://content.openalex.org/works/W4285214171.grobid-xml"},"referenced_works_count":47,"referenced_works":["https://openalex.org/W101424076","https://openalex.org/W1589332044","https://openalex.org/W1742813727","https://openalex.org/W1925725102","https://openalex.org/W1966578162","https://openalex.org/W1966741850","https://openalex.org/W1969518293","https://openalex.org/W1987059498","https://openalex.org/W2002356434","https://openalex.org/W2048759110","https://openalex.org/W2052496023","https://openalex.org/W2069875512","https://openalex.org/W2083972350","https://openalex.org/W2088068315","https://openalex.org/W2093504720","https://openalex.org/W2128531654","https://openalex.org/W2158894011","https://openalex.org/W2164317000","https://openalex.org/W2185273653","https://openalex.org/W2195555736","https://openalex.org/W2367953190","https://openalex.org/W2396824417","https://openalex.org/W2415249954","https://openalex.org/W2416671302","https://openalex.org/W2486979789","https://openalex.org/W2491381822","https://openalex.org/W2626034984","https://openalex.org/W2792015048","https://openalex.org/W2801931897","https://openalex.org/W2884960840","https://openalex.org/W2894616207","https://openalex.org/W2936932759","https://openalex.org/W2955176466","https://openalex.org/W3015317224","https://openalex.org/W4205425119","https://openalex.org/W4205648909","https://openalex.org/W4206927988","https://openalex.org/W4211084182","https://openalex.org/W4245723868","https://openalex.org/W4391201374","https://openalex.org/W6635153445","https://openalex.org/W6660430047","https://openalex.org/W6686607781","https://openalex.org/W6686925038","https://openalex.org/W6711951602","https://openalex.org/W6714052884","https://openalex.org/W6742430978"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2478661203","https://openalex.org/W2004830053","https://openalex.org/W3008115697","https://openalex.org/W2349167760","https://openalex.org/W2145175947","https://openalex.org/W3124949371","https://openalex.org/W4287864641","https://openalex.org/W2120643196","https://openalex.org/W1567555513"],"abstract_inverted_index":{"Security":[0,72,233],"is":[1,58,68,106,142],"the":[2,14,59,88,123,170,179,196,270,275],"protection":[3],"from":[4],"various":[5],"kinds":[6,48],"of":[7,16,49,84,90,154,178,186,195,219,222,227,236,241,247,250,258,265],"threats":[8],"and":[9,36,132,190,204,238,256,261,272,285],"most":[10,60],"organizations":[11,53,80],"engage":[12],"in":[13,51,63,92,130,181,274,279],"challenge":[15],"security":[17,29,43,86,99,211],"especially":[18],"cyber-attacks.":[19],"The":[20,263],"attacks":[21],"are":[22,46,213],"increasing":[23],"rapidly,":[24],"due":[25],"to":[26,81,144],"which":[27,40,57,215],"cyber":[28,55,85,98,210],"does":[30],"not":[31,134],"now":[32],"change":[33],"on":[34,108,119],"supervised":[35],"pattern-based":[37],"detection":[38],"algorithms":[39],"assure":[41],"continuous":[42],"observing.":[44],"There":[45],"many":[47],"problems":[50],"vendor":[52,94],"like":[54],"theft,":[56],"common":[61],"attack":[62],"cyberspace.":[64],"This":[65,149],"research":[66,111,120,126,147],"study":[67,268],"developing":[69,114],"a":[70,93,101,115,191],"Cyber":[71],"Challenges":[73],"Model":[74],"(CSCM)":[75],"that":[76],"will":[77],"facilitate":[78],"vendors’":[79],"identify":[82],"challenges":[83,212,278],"during":[87,254],"development":[89],"software":[91],"organization.":[95],"To":[96],"find":[97],"issues/challenges,":[100],"Systematic":[102],"Literature":[103],"Review":[104],"(SLR)":[105],"conducted":[107],"44":[109],"relevant":[110,146,150],"publications":[112,127],"by":[113],"search":[116],"string":[117],"based":[118],"questions.":[121],"As":[122],"final":[124],"selected":[125],"were":[128],"less":[129],"number":[131],"did":[133],"complete":[135],"our":[136,266],"aim,":[137],"therefore,":[138],"snow":[139],"bowling":[140],"technique":[141],"applied":[143],"67":[145],"publications.":[148],"data":[151,199,201,205],"was":[152],"comprised":[153],"different":[155,280],"databases/sources":[156],"e.g.,":[157],"Google":[158],"Scholar,":[159],"IEEE":[160],"Explore,":[161],"SpringerLink,":[162],"ACM":[163],"Digital":[164],"Library,":[165],"anFffid":[166],"ScienceDirect.":[167],"Furthermore,":[168],"for":[169,183],"distinctive":[171],"literature":[172],"review,":[173],"we’ve":[174],"carried":[175],"out":[176],"all":[177],"steps":[180],"SLR,":[182],"example,":[184],"improvement":[185],"SLR":[187],"protocol,":[188],"initials,":[189],"very":[192],"last":[193],"collection":[194],"applicable":[197],"information,":[198],"extraction,":[200],"quality":[202],"assessment,":[203],"synthesis.":[206],"Thirteen":[207],"(13)":[208],"critical":[209],"identified":[214],"are;":[216],"“Security":[217],"issues/Access":[218],"Cyberattacks”,":[220],"“Lack":[221,226,235,240,246,249,257],"Right":[223],"Knowledge”,":[224],"“Framework”,":[225],"Technical":[228],"Support”,":[229],"“Disaster":[230],"Issues”,":[231],"“Cost":[232],"issues”,":[234,245],"Confidentiality":[237],"Trust”,":[239],"Management”,":[242],"“Unauthorized":[243],"Access":[244],"Resources”,":[248],"Metrics”,":[251],"“Administrative":[252],"Mistakes":[253],"Development”":[255],"Quality,":[259],"Liability,":[260],"Reliability”.":[262],"findings":[264],"analysis":[267],"signify":[269],"similarities":[271],"dissimilarities":[273],"recognized":[276],"cybersecurity":[277],"decades,":[281],"companies/firms,":[282],"continents,":[283],"databases,":[284],"methodologies.":[286]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":3}],"updated_date":"2026-05-19T08:33:51.333923","created_date":"2025-10-10T00:00:00"}