{"id":"https://openalex.org/W1969785126","doi":"https://doi.org/10.1145/2786805.2786816","title":"Quantifying developers' adoption of security tools","display_name":"Quantifying developers' adoption of security tools","publication_year":2015,"publication_date":"2015-08-26","ids":{"openalex":"https://openalex.org/W1969785126","doi":"https://doi.org/10.1145/2786805.2786816","mag":"1969785126"},"language":"en","primary_location":{"id":"doi:10.1145/2786805.2786816","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2786805.2786816","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075465070","display_name":"Jim Witschey","orcid":null},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jim Witschey","raw_affiliation_strings":["North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009863794","display_name":"Olga A. Zielinska","orcid":"https://orcid.org/0000-0002-3532-4166"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Olga Zielinska","raw_affiliation_strings":["North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070446143","display_name":"Allaire K. Welk","orcid":null},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Allaire Welk","raw_affiliation_strings":["North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052426710","display_name":"Emerson Murphy-Hill","orcid":"https://orcid.org/0000-0003-3921-9416"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Emerson Murphy-Hill","raw_affiliation_strings":["North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003413075","display_name":"Christopher B. Mayhorn","orcid":"https://orcid.org/0000-0003-2587-9042"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chris Mayhorn","raw_affiliation_strings":["North Carolina State University, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061605447","display_name":"Thomas Zimmermann","orcid":"https://orcid.org/0000-0003-4905-1469"},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Thomas Zimmermann","raw_affiliation_strings":["Microsoft Research, USA"],"affiliations":[{"raw_affiliation_string":"Microsoft Research, USA","institution_ids":["https://openalex.org/I1290206253"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5075465070"],"corresponding_institution_ids":["https://openalex.org/I137902535"],"apc_list":null,"apc_paid":null,"fwci":20.5868,"has_fulltext":false,"cited_by_count":76,"citation_normalized_percentile":{"value":0.99172775,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"260","last_page":"271"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.5640414953231812},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5547048449516296},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5477144718170166},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.5416486859321594},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.5364959836006165},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4852325916290283},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.4639456272125244},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.44687822461128235},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.44454216957092285},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4178900718688965},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.35879284143447876},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3369143605232239},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.0801762044429779}],"concepts":[{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.5640414953231812},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5547048449516296},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5477144718170166},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.5416486859321594},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.5364959836006165},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4852325916290283},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.4639456272125244},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.44687822461128235},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.44454216957092285},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4178900718688965},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.35879284143447876},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3369143605232239},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0801762044429779},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2786805.2786816","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2786805.2786816","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.725.7903","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.725.7903","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://thomas-zimmermann.com/publications/files/witschey-esecfse-2015.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.5699999928474426}],"awards":[{"id":"https://openalex.org/G7705816992","display_name":null,"funder_award_id":"1318323","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W92486268","https://openalex.org/W184123393","https://openalex.org/W1518016665","https://openalex.org/W1567323348","https://openalex.org/W1571167924","https://openalex.org/W1791587663","https://openalex.org/W1979370357","https://openalex.org/W1985408088","https://openalex.org/W1986453394","https://openalex.org/W1990513740","https://openalex.org/W1995399522","https://openalex.org/W2008626182","https://openalex.org/W2010962925","https://openalex.org/W2014542527","https://openalex.org/W2019490403","https://openalex.org/W2033019352","https://openalex.org/W2040023921","https://openalex.org/W2044758663","https://openalex.org/W2057366964","https://openalex.org/W2060234492","https://openalex.org/W2066045860","https://openalex.org/W2078393527","https://openalex.org/W2084050405","https://openalex.org/W2085630429","https://openalex.org/W2087527532","https://openalex.org/W2099334948","https://openalex.org/W2100408980","https://openalex.org/W2107031757","https://openalex.org/W2110065044","https://openalex.org/W2115643540","https://openalex.org/W2117592084","https://openalex.org/W2123804192","https://openalex.org/W2126762719","https://openalex.org/W2156858199","https://openalex.org/W2294407885","https://openalex.org/W2480680997","https://openalex.org/W2800782238","https://openalex.org/W3122710626","https://openalex.org/W4237775487","https://openalex.org/W4239035626","https://openalex.org/W4299627282","https://openalex.org/W4301892172","https://openalex.org/W4402756823","https://openalex.org/W6603835122"],"related_works":["https://openalex.org/W1978034799","https://openalex.org/W2141388993","https://openalex.org/W2155353733","https://openalex.org/W4384518368","https://openalex.org/W3117252235","https://openalex.org/W658105165","https://openalex.org/W2293678011","https://openalex.org/W2018644264","https://openalex.org/W4248500578","https://openalex.org/W3201294019"],"abstract_inverted_index":{"Security":[0],"tools":[1,10,63],"could":[2],"help":[3],"developers":[4,50],"find":[5],"critical":[6],"vulnera-bilities,":[7],"yet":[8],"such":[9],"remain":[11],"underused.":[12],"We":[13],"surveyed":[14],"de-velopers":[15],"from":[16],"14":[17],"companies":[18],"and":[19,28,44],"5":[20],"mailing":[21],"lists":[22],"about":[23],"their":[24,88],"reasons":[25],"for":[26],"using":[27,30,90],"not":[29,72],"security":[31,38,53,62,77,91],"tools.":[32,92],"The":[33],"resulting":[34],"thirty-nine":[35],"predictors":[36],"of":[37,76],"tool":[39,78],"use":[40,61],"provide":[41],"both":[42],"ex-pected":[43],"unexpected":[45],"insights.":[46],"As":[47],"we":[48],"expected,":[49],"who":[51,66],"perceive":[52],"to":[54,60,86],"be":[55],"important":[56],"are":[57],"more":[58],"likely":[59],"than":[64],"those":[65],"do":[67],"not.":[68],"But":[69],"that":[70],"was":[71,81],"the":[73],"strongest":[74],"predictor":[75],"use,":[79],"it":[80],"instead":[82],"devel-opers":[83],"\u2019":[84],"ability":[85],"observe":[87],"peers":[89]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":8},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":13},{"year":2017,"cited_by_count":8},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":2}],"updated_date":"2026-04-14T08:04:32.555800","created_date":"2025-10-10T00:00:00"}