{"id":"https://openalex.org/W2141927586","doi":"https://doi.org/10.1145/1137627.1137630","title":"Towards a structured unified process for software security","display_name":"Towards a structured unified process for software security","publication_year":2006,"publication_date":"2006-05-20","ids":{"openalex":"https://openalex.org/W2141927586","doi":"https://doi.org/10.1145/1137627.1137630","mag":"2141927586"},"language":"en","primary_location":{"id":"doi:10.1145/1137627.1137630","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1137627.1137630","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2006 international workshop on Software engineering for secure systems","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5088702404","display_name":"Shanai Ardi","orcid":null},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Shanai Ardi","raw_affiliation_strings":["Link\u00f6pings Universitet, Link\u00f6ping, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Link\u00f6pings Universitet, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029022720","display_name":"David Byers","orcid":null},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"David Byers","raw_affiliation_strings":["Link\u00f6pings Universitet, Link\u00f6ping, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Link\u00f6pings Universitet, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5048152442","display_name":"Nahid Shahmehri","orcid":"https://orcid.org/0000-0002-0920-2157"},"institutions":[{"id":"https://openalex.org/I102134673","display_name":"Link\u00f6ping University","ror":"https://ror.org/05ynxx418","country_code":"SE","type":"education","lineage":["https://openalex.org/I102134673"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Nahid Shahmehri","raw_affiliation_strings":["Link\u00f6pings Universitet, Link\u00f6ping, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Link\u00f6pings Universitet, Link\u00f6ping, Sweden","institution_ids":["https://openalex.org/I102134673"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I102134673"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":46,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"3","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7364422082901001},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5464609265327454},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4619062542915344},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.435866117477417},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.28707873821258545},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.20361456274986267},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18884176015853882},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.07930967211723328}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7364422082901001},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5464609265327454},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4619062542915344},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.435866117477417},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.28707873821258545},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.20361456274986267},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18884176015853882},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.07930967211723328}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1137627.1137630","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1137627.1137630","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2006 international workshop on Software engineering for secure systems","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W1480385994","https://openalex.org/W1485658078","https://openalex.org/W1493688518","https://openalex.org/W1543344803","https://openalex.org/W1546502429","https://openalex.org/W1566733061","https://openalex.org/W1604658196","https://openalex.org/W1955533808","https://openalex.org/W1978353289","https://openalex.org/W1988915836","https://openalex.org/W1989449504","https://openalex.org/W2090826457","https://openalex.org/W2109540106","https://openalex.org/W2113848838","https://openalex.org/W2294407885","https://openalex.org/W6628879857","https://openalex.org/W6629026940","https://openalex.org/W6629538277","https://openalex.org/W6632439937","https://openalex.org/W6633964848"],"related_works":["https://openalex.org/W2012842278","https://openalex.org/W2338700700","https://openalex.org/W2104185553","https://openalex.org/W1564589480","https://openalex.org/W2114329470","https://openalex.org/W2975191072","https://openalex.org/W4206807899","https://openalex.org/W2056387670","https://openalex.org/W1999784982","https://openalex.org/W3142482686"],"abstract_inverted_index":{"Security":[0],"is":[1,9],"often":[2,10],"an":[3],"afterthought":[4],"when":[5],"developing":[6],"software,":[7],"and":[8,31,50,65,78,107],"bolted":[11],"on":[12,74],"late":[13],"in":[14,43],"development":[15,127],"or":[16,20],"even":[17],"during":[18],"deployment":[19],"maintenance,":[21],"through":[22],"activities":[23,53,81],"such":[24],"as":[25],"penetration":[26],"testing,":[27],"add-on":[28],"security":[29,38,52,108,115],"software":[30,46,60,126,135],"penetrate-and":[32],"patch":[33],"maintenance.":[34],"We":[35,117],"believe":[36],"that":[37,51,133],"needs":[39],"to":[40,44,55,83,124,131],"be":[41,122],"built":[42],"the":[45,48,59,93],"from":[47],"beginning,":[49],"need":[54],"take":[56],"place":[57],"throughout":[58],"lifecycle.":[61],"Accomplishing":[62],"this":[63,86],"effectively":[64],"efficiently":[66],"requires":[67],"structured":[68],"approach":[69,94],"combining":[70],"a":[71],"detailed":[72],"understanding":[73],"what":[75],"causes":[76],"vulnerabilities,":[77],"how":[79,119],"specific":[80],"combine":[82],"prevent":[84],"them.In":[85],"paper":[87],"we":[88,95],"introduce":[89],"key":[90],"elements":[91],"of":[92],"are":[96],"taking:":[97],"vulnerability":[98,105],"cause":[99],"graphs,":[100,110],"which":[101,111],"encode":[102,112],"information":[103,113],"about":[104,114],"causes,":[106],"activity":[109],"activities.":[116],"discuss":[118],"these":[120],"can":[121],"applied":[123],"design":[125],"processes":[128],"(or":[129],"changes":[130],"processes)":[132],"eliminate":[134],"vulnerabilities.":[136]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":4},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-10-10T00:00:00"}
