{"id":"https://openalex.org/W2135301854","doi":"https://doi.org/10.1109/msecp.2004.1281240","title":"Susceptibility matrix: a new aid to software auditing","display_name":"Susceptibility matrix: a new aid to software auditing","publication_year":2004,"publication_date":"2004-03-01","ids":{"openalex":"https://openalex.org/W2135301854","doi":"https://doi.org/10.1109/msecp.2004.1281240","mag":"2135301854"},"language":"en","primary_location":{"id":"doi:10.1109/msecp.2004.1281240","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msecp.2004.1281240","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy Magazine","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012069802","display_name":"K. Jiwnani","orcid":null},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"K. Jiwnani","raw_affiliation_strings":["University of Maryland, USA","Maryland Univ., College Park, MD, USA#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Maryland, USA","institution_ids":["https://openalex.org/I66946132"]},{"raw_affiliation_string":"Maryland Univ., College Park, MD, USA#TAB#","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111493253","display_name":"Marvin V. Zelkowitz","orcid":null},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"M. Zelkowitz","raw_affiliation_strings":["University of Maryland, USA","Maryland Univ., College Park, MD, USA#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Maryland, USA","institution_ids":["https://openalex.org/I66946132"]},{"raw_affiliation_string":"Maryland Univ., College Park, MD, USA#TAB#","institution_ids":["https://openalex.org/I66946132"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5012069802"],"corresponding_institution_ids":["https://openalex.org/I66946132"],"apc_list":null,"apc_paid":null,"fwci":0.5734,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.68859145,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"2","issue":"2","first_page":"16","last_page":"21"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6342520117759705},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.5827333927154541},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5760382413864136},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5569825172424316},{"id":"https://openalex.org/keywords/taxonomy","display_name":"Taxonomy (biology)","score":0.5503763556480408},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.48789331316947937},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.4736165702342987},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45635986328125},{"id":"https://openalex.org/keywords/test","display_name":"Test (biology)","score":0.44514015316963196},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.44231724739074707},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4416579604148865},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2741067409515381},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.21511536836624146},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.149023175239563},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.1435283124446869},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.1313418745994568},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.12994250655174255},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.09128567576408386},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.0726327896118164},{"id":"https://openalex.org/keywords/biology","display_name":"Biology","score":0.06578752398490906},{"id":"https://openalex.org/keywords/ecology","display_name":"Ecology","score":0.05885636806488037}],"concepts":[{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6342520117759705},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.5827333927154541},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5760382413864136},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5569825172424316},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.5503763556480408},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.48789331316947937},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.4736165702342987},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45635986328125},{"id":"https://openalex.org/C2777267654","wikidata":"https://www.wikidata.org/wiki/Q3519023","display_name":"Test (biology)","level":2,"score":0.44514015316963196},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.44231724739074707},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4416579604148865},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2741067409515381},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.21511536836624146},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.149023175239563},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.1435283124446869},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.1313418745994568},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.12994250655174255},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.09128567576408386},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0726327896118164},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.06578752398490906},{"id":"https://openalex.org/C18903297","wikidata":"https://www.wikidata.org/wiki/Q7150","display_name":"Ecology","level":1,"score":0.05885636806488037},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/msecp.2004.1281240","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msecp.2004.1281240","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy Magazine","raw_type":"journal-article"},{"id":"pmh:oai:fraunhofer.de:N-68017","is_oa":false,"landing_page_url":"http://publica.fraunhofer.de/documents/N-68017.html","pdf_url":null,"source":{"id":"https://openalex.org/S4306400801","display_name":"Publikationsdatenbank der Fraunhofer-Gesellschaft (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Fraunhofer IESE","raw_type":"Journal Article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/207427","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/207427","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"journal article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W120838261","https://openalex.org/W126572551","https://openalex.org/W171601550","https://openalex.org/W1503609498","https://openalex.org/W1531064568","https://openalex.org/W2063058836","https://openalex.org/W2109540106","https://openalex.org/W2142141201","https://openalex.org/W2155353733"],"related_works":["https://openalex.org/W2155353733","https://openalex.org/W2062583373","https://openalex.org/W1566131087","https://openalex.org/W2126513753","https://openalex.org/W2018644264","https://openalex.org/W4240401768","https://openalex.org/W2910962125","https://openalex.org/W4313307479","https://openalex.org/W658105165","https://openalex.org/W2796056969"],"abstract_inverted_index":{"Testing":[0],"for":[1],"security":[2,20],"is":[3,22],"lengthy,":[4],"complex,":[5],"and":[6],"costly,":[7],"so":[8],"focusing":[9],"test":[10],"efforts":[11],"in":[12,39],"areas":[13],"that":[14,30],"have":[15],"the":[16,35],"greatest":[17],"number":[18],"of":[19,37],"vulnerabilities":[21,38],"essential.":[23],"This":[24],"article":[25],"describes":[26],"a":[27,40],"taxonomy-based":[28],"approach":[29],"gives":[31],"an":[32],"insight":[33],"into":[34],"distribution":[36],"system.":[41]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":1}],"updated_date":"2026-05-03T08:25:01.440150","created_date":"2025-10-10T00:00:00"}