{"id":"https://openalex.org/W1979810153","doi":"https://doi.org/10.1145/1370905.1370913","title":"Security metrics for source code structures","display_name":"Security metrics for source code structures","publication_year":2008,"publication_date":"2008-05-15","ids":{"openalex":"https://openalex.org/W1979810153","doi":"https://doi.org/10.1145/1370905.1370913","mag":"1979810153"},"language":"en","primary_location":{"id":"doi:10.1145/1370905.1370913","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1370905.1370913","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the fourth international workshop on Software engineering for secure systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008471601","display_name":"Istehad Chowdhury","orcid":null},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Istehad Chowdhury","raw_affiliation_strings":["Queen's University, Kingston, Ontario, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen's University, Kingston, Ontario, Canada","institution_ids":["https://openalex.org/I204722609"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067762508","display_name":"Brian Chan","orcid":"https://orcid.org/0000-0002-0213-4737"},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Brian Chan","raw_affiliation_strings":["Queen's University, Kingston, Ontario, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen's University, Kingston, Ontario, Canada","institution_ids":["https://openalex.org/I204722609"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108530929","display_name":"Mohammad Zulkernine","orcid":null},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Mohammad Zulkernine","raw_affiliation_strings":["Queen's University, Kingston, Ontario, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen's University, Kingston, Ontario, Canada","institution_ids":["https://openalex.org/I204722609"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":16.6384,"has_fulltext":false,"cited_by_count":77,"citation_normalized_percentile":{"value":0.98809816,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"57","last_page":"64"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7743649482727051},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7259361743927002},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.6187390089035034},{"id":"https://openalex.org/keywords/software-metric","display_name":"Software metric","score":0.5446299314498901},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4789086580276489},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4587050676345825},{"id":"https://openalex.org/keywords/kpi-driven-code-analysis","display_name":"KPI-driven code analysis","score":0.44065895676612854},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.38025787472724915},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.37984511256217957},{"id":"https://openalex.org/keywords/software-quality","display_name":"Software quality","score":0.36541664600372314},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3358877897262573},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2504165768623352},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.24915668368339539},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.20948830246925354},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.19242417812347412},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.07253074645996094}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7743649482727051},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7259361743927002},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.6187390089035034},{"id":"https://openalex.org/C82214349","wikidata":"https://www.wikidata.org/wiki/Q657339","display_name":"Software metric","level":5,"score":0.5446299314498901},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4789086580276489},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4587050676345825},{"id":"https://openalex.org/C121957198","wikidata":"https://www.wikidata.org/wiki/Q14365593","display_name":"KPI-driven code analysis","level":5,"score":0.44065895676612854},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.38025787472724915},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.37984511256217957},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.36541664600372314},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3358877897262573},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2504165768623352},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.24915668368339539},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.20948830246925354},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.19242417812347412},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.07253074645996094}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1370905.1370913","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1370905.1370913","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the fourth international workshop on Software engineering for secure systems","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"},{"id":"https://openalex.org/F4320338335","display_name":"H2020 European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1838112905","https://openalex.org/W1930147640","https://openalex.org/W1980851462","https://openalex.org/W2015004885","https://openalex.org/W2089400676","https://openalex.org/W2113693268","https://openalex.org/W2129586531","https://openalex.org/W2138339094","https://openalex.org/W2146949683","https://openalex.org/W2158864412","https://openalex.org/W3003288124","https://openalex.org/W3144627111","https://openalex.org/W4205192141","https://openalex.org/W4244110422","https://openalex.org/W6654219798"],"related_works":["https://openalex.org/W2206096527","https://openalex.org/W2810057064","https://openalex.org/W2533824332","https://openalex.org/W2064613179","https://openalex.org/W142712716","https://openalex.org/W2791928022","https://openalex.org/W2804189069","https://openalex.org/W4385489206","https://openalex.org/W2598702176","https://openalex.org/W2805617726"],"abstract_inverted_index":{"Software":[0],"security":[1,7,19,40,74,85],"metrics":[2,20,41,75,98],"are":[3],"measurements":[4],"to":[5,53,80,102,114],"assess":[6],"related":[8],"imperfections":[9],"(or":[10],"perfections)":[11],"introduced":[12],"during":[13],"software":[14,30,43],"development.":[15],"A":[16],"number":[17],"of":[18,28,84,86,118],"have":[21,32,108],"been":[22,34],"proposed.":[23],"However,":[24],"all":[25],"the":[26,62,82,116,119],"perspectives":[27],"a":[29,45,57,87],"system":[31],"not":[33],"provided":[35],"specific":[36],"attention.":[37],"While":[38],"most":[39],"evaluate":[42],"from":[44],"system-level":[46],"perspective,":[47],"it":[48],"can":[49,77,99],"also":[50,109],"be":[51,78,100],"useful":[52],"analyze":[54],"defects":[55],"at":[56,61],"lower":[58],"level,":[59],"i.e.,":[60],"source":[63,104],"code":[64,88,105],"level.":[65],"To":[66],"address":[67],"this":[68],"issue,":[69],"we":[70],"propose":[71],"some":[72],"code-level":[73],"which":[76],"used":[79,101],"suggest":[81],"level":[83],"segment.":[89],"We":[90,107],"provide":[91],"guidelines":[92],"about":[93],"where":[94],"and":[95],"how":[96],"these":[97],"improve":[103],"structures.":[106],"conducted":[110],"two":[111],"case":[112],"studies":[113],"demonstrate":[115],"applicability":[117],"proposed":[120],"metrics.":[121]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":15},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":7}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}