{"id":"https://openalex.org/W2155353733","doi":"https://doi.org/10.1109/icsm.2002.1167766","title":"Maintaining software with a security perspective","display_name":"Maintaining software with a security perspective","publication_year":2002,"publication_date":"2002-01-01","ids":{"openalex":"https://openalex.org/W2155353733","doi":"https://doi.org/10.1109/icsm.2002.1167766","mag":"2155353733"},"language":"en","primary_location":{"id":"doi:10.1109/icsm.2002.1167766","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icsm.2002.1167766","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Conference on Software Maintenance, 2002. Proceedings.","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012069802","display_name":"K. Jiwnani","orcid":null},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"K. Jiwnani","raw_affiliation_strings":["Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA","Department of Computer Science, University of Maryland, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]},{"raw_affiliation_string":"Department of Computer Science, University of Maryland, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111493253","display_name":"Marvin V. Zelkowitz","orcid":null},"institutions":[{"id":"https://openalex.org/I4210162509","display_name":"Fraunhofer USA Center Mid-Atlantic CMA","ror":"https://ror.org/05sz9gw20","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210161623","https://openalex.org/I4210162509","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M. Zelkowitz","raw_affiliation_strings":["Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA","Department of Computer Science, University of Maryland and Fraunhofer Center of Experimental Software Engineering, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]},{"raw_affiliation_string":"Department of Computer Science, University of Maryland and Fraunhofer Center of Experimental Software Engineering, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132","https://openalex.org/I4210162509"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5012069802"],"corresponding_institution_ids":["https://openalex.org/I66946132"],"apc_list":null,"apc_paid":null,"fwci":2.2281,"has_fulltext":false,"cited_by_count":36,"citation_normalized_percentile":{"value":0.87254902,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"194","last_page":"203"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.8563530445098877},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.8439162969589233},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.7964246869087219},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7582879662513733},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7430416345596313},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6040031909942627},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.48315542936325073},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.44695860147476196},{"id":"https://openalex.org/keywords/application-security","display_name":"Application security","score":0.4325907230377197},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4203242063522339},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.38645613193511963},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.30219340324401855},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.26226314902305603},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09039139747619629}],"concepts":[{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.8563530445098877},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.8439162969589233},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.7964246869087219},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7582879662513733},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7430416345596313},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6040031909942627},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.48315542936325073},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.44695860147476196},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.4325907230377197},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4203242063522339},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.38645613193511963},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.30219340324401855},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.26226314902305603},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09039139747619629},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/icsm.2002.1167766","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icsm.2002.1167766","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Conference on Software Maintenance, 2002. Proceedings.","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.12.5361","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.12.5361","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.umd.edu/users/mvz/pub/icsm02.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.44999998807907104,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W120838261","https://openalex.org/W126572551","https://openalex.org/W127224647","https://openalex.org/W162098268","https://openalex.org/W167697677","https://openalex.org/W1503609498","https://openalex.org/W1531208765","https://openalex.org/W1569995930","https://openalex.org/W1910771831","https://openalex.org/W1993508696","https://openalex.org/W2036757496","https://openalex.org/W2042439382","https://openalex.org/W2075982735","https://openalex.org/W2109540106","https://openalex.org/W2121077396","https://openalex.org/W2157657084","https://openalex.org/W2360499384","https://openalex.org/W4285719527","https://openalex.org/W6604980244","https://openalex.org/W6605158522","https://openalex.org/W6606581011","https://openalex.org/W6630212538","https://openalex.org/W6631687817","https://openalex.org/W6634340961","https://openalex.org/W6639699737"],"related_works":["https://openalex.org/W2155353733","https://openalex.org/W125279808","https://openalex.org/W4240401768","https://openalex.org/W2146455667","https://openalex.org/W896362041","https://openalex.org/W2018644264","https://openalex.org/W3015499098","https://openalex.org/W3189065608","https://openalex.org/W2796056969","https://openalex.org/W2135191468"],"abstract_inverted_index":{"Testing":[0],"for":[1,122],"software":[2,56,156],"security":[3,12,23,51,97,123],"is":[4,14,37,115],"a":[5,47,67,72,86,130,152],"lengthy,":[6],"complex":[7],"and":[8,19,30,62,79,89,99,125,149],"costly":[9],"process.":[10],"Currently,":[11],"testing":[13,41,68,88,102],"done":[15],"using":[16,129],"penetration":[17],"analysis":[18,138],"formal":[20],"verification":[21],"of":[22,50,74,96,132,155],"kernels.":[24],"These":[25],"methods":[26],"are":[27,31],"not":[28],"complete":[29],"difficult":[32],"to":[33,39,53,76,92,105,142],"use.":[34],"Hence":[35],"it":[36,128],"essential":[38],"focus":[40],"effort":[42,103],"in":[43,145],"areas":[44,148],"that":[45],"have":[46,110],"greater":[48],"number":[49,154],"vulnerabilities":[52,75,98,109,140],"develop":[54,77],"secure":[55,78],"as":[57,59],"well":[58],"meet":[60],"budget":[61],"time":[63],"constraints.":[64],"We":[65],"propose":[66],"strategy":[69],"based":[70,116],"on":[71,111,117],"classification":[73,120],"stable":[80],"systems.":[81],"This":[82,114,137],"taxonomy":[83],"will":[84],"enable":[85],"system":[87,135],"maintenance":[90],"group":[91],"understand":[93],"the":[94,106,108,112],"distribution":[95],"prioritize":[100],"their":[101],"according":[104],"impact":[107],"system.":[113],"Landwehr's":[118],"(1994)":[119],"scheme":[121],"flaws":[124],"we":[126],"evaluated":[127],"database":[131],"1360":[133],"operating":[134],"vulnerabilities.":[136],"indicates":[139],"tend":[141],"be":[143],"focused":[144],"relatively":[146],"few":[147],"associated":[150],"with":[151],"small":[153],"engineering":[157],"issues.":[158]},"counts_by_year":[{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":3},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}