{"id":"https://openalex.org/W4388937107","doi":"https://doi.org/10.1109/icccnt56998.2023.10306987","title":"Specifying Non-Functional Requirements improves Software Vulnerability","display_name":"Specifying Non-Functional Requirements improves Software Vulnerability","publication_year":2023,"publication_date":"2023-07-06","ids":{"openalex":"https://openalex.org/W4388937107","doi":"https://doi.org/10.1109/icccnt56998.2023.10306987"},"language":"en","primary_location":{"id":"doi:10.1109/icccnt56998.2023.10306987","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icccnt56998.2023.10306987","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101599839","display_name":"Harsimran Kaur","orcid":"https://orcid.org/0000-0003-3101-6243"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Harsimran Kaur","raw_affiliation_strings":["AgBe Technologies Gurgaon"],"affiliations":[{"raw_affiliation_string":"AgBe Technologies Gurgaon","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026322548","display_name":"Manju Aggarwal","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Manju Aggarwal","raw_affiliation_strings":["AgBe Technologies Gurgaon"],"affiliations":[{"raw_affiliation_string":"AgBe Technologies Gurgaon","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5101599839"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.26872129,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"3"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7037572860717773},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5742247700691223},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.5309927463531494},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5268971920013428},{"id":"https://openalex.org/keywords/functional-requirement","display_name":"Functional requirement","score":0.4652370512485504},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.4582805037498474},{"id":"https://openalex.org/keywords/non-functional-requirement","display_name":"Non-functional requirement","score":0.4413908123970032},{"id":"https://openalex.org/keywords/agile-software-development","display_name":"Agile software development","score":0.4394938349723816},{"id":"https://openalex.org/keywords/reliability-engineering","display_name":"Reliability engineering","score":0.4238855838775635},{"id":"https://openalex.org/keywords/software-requirements","display_name":"Software requirements","score":0.414331316947937},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.39625364542007446},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.3915422558784485},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3765331208705902},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3380289077758789},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2988051772117615},{"id":"https://openalex.org/keywords/software-design","display_name":"Software design","score":0.28006401658058167},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.279697060585022},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.276572585105896},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.18241429328918457},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.17382138967514038},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.17197605967521667},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.13710027933120728},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.09684523940086365},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.07843777537345886}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7037572860717773},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5742247700691223},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.5309927463531494},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5268971920013428},{"id":"https://openalex.org/C62235348","wikidata":"https://www.wikidata.org/wiki/Q3264234","display_name":"Functional requirement","level":2,"score":0.4652370512485504},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.4582805037498474},{"id":"https://openalex.org/C199747065","wikidata":"https://www.wikidata.org/wiki/Q3254666","display_name":"Non-functional requirement","level":5,"score":0.4413908123970032},{"id":"https://openalex.org/C14185376","wikidata":"https://www.wikidata.org/wiki/Q30232","display_name":"Agile software development","level":2,"score":0.4394938349723816},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.4238855838775635},{"id":"https://openalex.org/C54534927","wikidata":"https://www.wikidata.org/wiki/Q4462275","display_name":"Software requirements","level":5,"score":0.414331316947937},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.39625364542007446},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.3915422558784485},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3765331208705902},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3380289077758789},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2988051772117615},{"id":"https://openalex.org/C52913732","wikidata":"https://www.wikidata.org/wiki/Q857102","display_name":"Software design","level":4,"score":0.28006401658058167},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.279697060585022},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.276572585105896},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.18241429328918457},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.17382138967514038},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.17197605967521667},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.13710027933120728},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.09684523940086365},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.07843777537345886},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icccnt56998.2023.10306987","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/icccnt56998.2023.10306987","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W1890983348","https://openalex.org/W1943970824","https://openalex.org/W2612374120","https://openalex.org/W2736091725","https://openalex.org/W2976482932"],"related_works":["https://openalex.org/W2013238834","https://openalex.org/W1811024770","https://openalex.org/W110733897","https://openalex.org/W4230385779","https://openalex.org/W658105165","https://openalex.org/W2080885463","https://openalex.org/W4224303169","https://openalex.org/W1550223151","https://openalex.org/W3153864189","https://openalex.org/W4200131578"],"abstract_inverted_index":{"Non-Functional":[0],"Requirements":[1],"(NFRs)":[2],"focus":[3,44],"on":[4,66],"how":[5,92],"the":[6,12,25,29,93,123,130],"software":[7,18,30],"system":[8],"works":[9],"and":[10,64,77,97,113],"addresses":[11],"vital":[13],"issues":[14,73,134],"of":[15,28,95,132,139],"quality":[16],"for":[17],"system.":[19,31],"NFRs":[20,40,68,84,110],"are":[21,85],"must":[22],"to":[23,38,47,122],"construct":[24],"security":[26,76,96],"policies":[27],"Agile":[32],"Software":[33],"Methodology":[34],"(ASD)":[35],"methods":[36],"tend":[37],"neglect":[39],"as":[41],"its":[42],"main":[43],"is":[45,59,127],"mainly":[46],"deliver":[48],"functional":[49,117],"requirements.":[50],"It":[51],"has":[52],"been":[53],"considered":[54],"during":[55,75,87,111,136],"ASD":[56],"that":[57],"there":[58],"an":[60],"increase":[61],"in":[62],"budget":[63],"effort":[65],"detailing":[67],"at":[69],"architecture":[70],"level.":[71],"But":[72],"raised":[74],"penetration":[78,98],"testing":[79,99],"sometimes":[80],"cost":[81],"more":[82],"if":[83],"ignored":[86],"development.":[88],"This":[89],"paper":[90],"discusses":[91],"need":[94],"(for":[100],"identifying":[101],"Vulnerability":[102],"issues)":[103],"can":[104],"be":[105],"neutralized":[106],"by":[107],"specifying":[108,114],"critical":[109],"analysis":[112],"along":[115],"with":[116,129],"requirements":[118],"while":[119],"assigning":[120],"stories":[121],"developers.":[124],"The":[125],"approach":[126],"explained":[128],"help":[131],"vulnerability":[133],"identified":[135],"Penetration":[137],"Test":[138],"real":[140],"time":[141],"health":[142],"application.":[143]},"counts_by_year":[],"updated_date":"2025-12-23T23:11:35.936235","created_date":"2025-10-10T00:00:00"}