{"id":"https://openalex.org/W2126847279","doi":"https://doi.org/10.1109/enabl.2003.1231415","title":"Software security checklist for the software life cycle","display_name":"Software security checklist for the software life cycle","publication_year":2004,"publication_date":"2004-01-23","ids":{"openalex":"https://openalex.org/W2126847279","doi":"https://doi.org/10.1109/enabl.2003.1231415","mag":"2126847279"},"language":"en","primary_location":{"id":"doi:10.1109/enabl.2003.1231415","is_oa":false,"landing_page_url":"https://doi.org/10.1109/enabl.2003.1231415","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003.","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032561534","display_name":"David P. Gilliam","orcid":null},"institutions":[{"id":"https://openalex.org/I1334627681","display_name":"Jet Propulsion Laboratory","ror":"https://ror.org/027k65916","country_code":"US","type":"facility","lineage":["https://openalex.org/I122411786","https://openalex.org/I1334627681","https://openalex.org/I4210124779"]},{"id":"https://openalex.org/I122411786","display_name":"California Institute of Technology","ror":"https://ror.org/05dxps055","country_code":"US","type":"education","lineage":["https://openalex.org/I122411786"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"D.P. Gilliam","raw_affiliation_strings":["Jet Propulsion Laboratory, California Institute of Technology, USA","Jet Propulsion Lab., California Inst. of Technol., CA, USA"],"affiliations":[{"raw_affiliation_string":"Jet Propulsion Laboratory, California Institute of Technology, USA","institution_ids":["https://openalex.org/I1334627681"]},{"raw_affiliation_string":"Jet Propulsion Lab., California Inst. of Technol., CA, USA","institution_ids":["https://openalex.org/I122411786"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033702243","display_name":"T. Wolfe","orcid":null},"institutions":[{"id":"https://openalex.org/I122411786","display_name":"California Institute of Technology","ror":"https://ror.org/05dxps055","country_code":"US","type":"education","lineage":["https://openalex.org/I122411786"]},{"id":"https://openalex.org/I1334627681","display_name":"Jet Propulsion Laboratory","ror":"https://ror.org/027k65916","country_code":"US","type":"facility","lineage":["https://openalex.org/I122411786","https://openalex.org/I1334627681","https://openalex.org/I4210124779"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"T.L. Wolfe","raw_affiliation_strings":["Jet Propulsion Laboratory, California Institute of Technology, USA","Jet Propulsion Lab., California Inst. of Technol., CA, USA"],"affiliations":[{"raw_affiliation_string":"Jet Propulsion Laboratory, California Institute of Technology, USA","institution_ids":["https://openalex.org/I1334627681"]},{"raw_affiliation_string":"Jet Propulsion Lab., California Inst. of Technol., CA, USA","institution_ids":["https://openalex.org/I122411786"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114255198","display_name":"J. S. Sherif","orcid":null},"institutions":[{"id":"https://openalex.org/I122411786","display_name":"California Institute of Technology","ror":"https://ror.org/05dxps055","country_code":"US","type":"education","lineage":["https://openalex.org/I122411786"]},{"id":"https://openalex.org/I1334627681","display_name":"Jet Propulsion Laboratory","ror":"https://ror.org/027k65916","country_code":"US","type":"facility","lineage":["https://openalex.org/I122411786","https://openalex.org/I1334627681","https://openalex.org/I4210124779"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"J.S. Sherif","raw_affiliation_strings":["Jet Propulsion Laboratory, California Institute of Technology, USA","Jet Propulsion Lab., California Inst. of Technol., CA, USA"],"affiliations":[{"raw_affiliation_string":"Jet Propulsion Laboratory, California Institute of Technology, USA","institution_ids":["https://openalex.org/I1334627681"]},{"raw_affiliation_string":"Jet Propulsion Lab., California Inst. of Technol., CA, USA","institution_ids":["https://openalex.org/I122411786"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053448222","display_name":"Matt Bishop","orcid":null},"institutions":[{"id":"https://openalex.org/I84218800","display_name":"University of California, Davis","ror":"https://ror.org/05rrcem69","country_code":"US","type":"education","lineage":["https://openalex.org/I84218800"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M. Bishop","raw_affiliation_strings":["University of California, Davis","University of California at Davis"],"affiliations":[{"raw_affiliation_string":"University of California, Davis","institution_ids":["https://openalex.org/I84218800"]},{"raw_affiliation_string":"University of California at Davis","institution_ids":["https://openalex.org/I84218800"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5032561534"],"corresponding_institution_ids":["https://openalex.org/I122411786","https://openalex.org/I1334627681"],"apc_list":null,"apc_paid":null,"fwci":5.3472,"has_fulltext":false,"cited_by_count":66,"citation_normalized_percentile":{"value":0.95465612,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"q4","issue":null,"first_page":"243","last_page":"248"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9775999784469604,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.96670001745224,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7412571907043457},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.570898175239563},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.5597702264785767},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5545465350151062},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.535020112991333},{"id":"https://openalex.org/keywords/systems-development-life-cycle","display_name":"Systems development life cycle","score":0.524319052696228},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.5206589102745056},{"id":"https://openalex.org/keywords/verification-and-validation","display_name":"Verification and validation","score":0.47720465064048767},{"id":"https://openalex.org/keywords/checklist","display_name":"Checklist","score":0.4527277946472168},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3065534234046936},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.30089181661605835},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.2563573718070984},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.18255272507667542},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.15807011723518372},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.10236251354217529},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.0582905113697052}],"concepts":[{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7412571907043457},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.570898175239563},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.5597702264785767},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5545465350151062},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.535020112991333},{"id":"https://openalex.org/C120617098","wikidata":"https://www.wikidata.org/wiki/Q559486","display_name":"Systems development life cycle","level":5,"score":0.524319052696228},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.5206589102745056},{"id":"https://openalex.org/C48002344","wikidata":"https://www.wikidata.org/wiki/Q2919644","display_name":"Verification and validation","level":2,"score":0.47720465064048767},{"id":"https://openalex.org/C2779356329","wikidata":"https://www.wikidata.org/wiki/Q922625","display_name":"Checklist","level":2,"score":0.4527277946472168},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3065534234046936},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.30089181661605835},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.2563573718070984},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.18255272507667542},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.15807011723518372},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.10236251354217529},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0582905113697052},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C180747234","wikidata":"https://www.wikidata.org/wiki/Q23373","display_name":"Cognitive psychology","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/enabl.2003.1231415","is_oa":false,"landing_page_url":"https://doi.org/10.1109/enabl.2003.1231415","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003.","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.135.1389","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.135.1389","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://nob.cs.ucdavis.edu/~bishop/papers/2003-wetice/checklist.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.201.5617","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.201.5617","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://nob.cs.ucdavis.edu/~bishop/papers/2003-checklist/2003-checklist.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6100000143051147,"display_name":"Responsible consumption and production","id":"https://metadata.un.org/sdg/12"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320332375","display_name":"Jet Propulsion Laboratory","ror":"https://ror.org/027k65916"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W171601550","https://openalex.org/W1480385994","https://openalex.org/W1531064568","https://openalex.org/W1535267902","https://openalex.org/W1559155956","https://openalex.org/W1848595280","https://openalex.org/W2031279105","https://openalex.org/W2125664852","https://openalex.org/W2139419048","https://openalex.org/W6628879857","https://openalex.org/W6631877940","https://openalex.org/W6633401185","https://openalex.org/W6638623310"],"related_works":["https://openalex.org/W3105511281","https://openalex.org/W3118244000","https://openalex.org/W2016656063","https://openalex.org/W2984668418","https://openalex.org/W2114329470","https://openalex.org/W1510328675","https://openalex.org/W2953772132","https://openalex.org/W3215010129","https://openalex.org/W2057348437","https://openalex.org/W3091675045"],"abstract_inverted_index":{"A":[0],"formal":[1,55],"approach":[2,56],"to":[3,12,22,38,46],"security":[4,30,49,65],"in":[5,57],"the":[6,58,89,102,111,116],"software":[7,26,29,59,64,133],"life":[8,60,75,112],"cycle":[9,40,76],"is":[10],"essential":[11],"protect":[13],"corporate":[14],"resources.":[15],"However,":[16],"little":[17],"thought":[18],"has":[19,31],"been":[20,32],"given":[21],"this":[23,74],"aspect":[24],"of":[25,41,85,91,104,119,132],"development.":[27],"Traditionally,":[28],"treated":[33],"as":[34,53],"an":[35],"afterthought":[36],"leading":[37],"a":[39,54,63,92,105],"'penetrate":[42],"and":[43,67,122,125,128,130,134],"patch.'":[44],"Due":[45],"its":[47],"criticality,":[48],"should":[50,70],"be":[51,71],"integrated":[52],"cycle.":[61,113],"Both":[62],"checklist":[66],"assessment":[68],"tools":[69],"incorporated":[72],"into":[73],"process.":[77],"The":[78],"current":[79],"research":[80],"at":[81],"JPL":[82],"addresses":[83],"both":[84],"these":[86],"areas":[87,118],"through":[88],"development":[90,103],"Software":[93,106],"Security":[94,107],"Assessment":[95],"Instrument":[96],"(SSAI).":[97],"This":[98],"paper":[99],"focuses":[100],"on":[101],"Checklist":[108],"(SSC)":[109],"for":[110],"It":[114],"includes":[115],"critical":[117],"requirements":[120],"gathering":[121],"specification,":[123],"design":[124],"code":[126],"issues,":[127],"maintenance":[129],"decommissioning":[131],"systems.":[135]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":5},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}