{"id":"https://openalex.org/W1987061089","doi":"https://doi.org/10.1145/2799979.2799998","title":"Synthesis of secure software development controls","display_name":"Synthesis of secure software development controls","publication_year":2015,"publication_date":"2015-09-08","ids":{"openalex":"https://openalex.org/W1987061089","doi":"https://doi.org/10.1145/2799979.2799998","mag":"1987061089"},"language":"en","primary_location":{"id":"doi:10.1145/2799979.2799998","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2799979.2799998","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Security of Information and Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007175264","display_name":"Alexander Barabanov","orcid":"https://orcid.org/0000-0003-4061-6611"},"institutions":[{"id":"https://openalex.org/I87289247","display_name":"Murmansk State Technical University","ror":"https://ror.org/04sw18p91","country_code":"RU","type":"education","lineage":["https://openalex.org/I87289247"]},{"id":"https://openalex.org/I177537411","display_name":"Bauman Moscow State Technical University","ror":"https://ror.org/00pb8h375","country_code":"RU","type":"education","lineage":["https://openalex.org/I177537411"]}],"countries":["RU"],"is_corresponding":true,"raw_author_name":"Alexander Barabanov","raw_affiliation_strings":["Bauman MSTU, Moscow, Russia","[Bauman MSTU, Moscow, Russia]"],"affiliations":[{"raw_affiliation_string":"Bauman MSTU, Moscow, Russia","institution_ids":["https://openalex.org/I87289247","https://openalex.org/I177537411"]},{"raw_affiliation_string":"[Bauman MSTU, Moscow, Russia]","institution_ids":["https://openalex.org/I87289247"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018459605","display_name":"Alexey Markov","orcid":"https://orcid.org/0000-0003-0111-7377"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alexey Markov","raw_affiliation_strings":["NPO Echelon, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"NPO Echelon, Moscow, Russia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085844370","display_name":"Andrey Fadin","orcid":null},"institutions":[{"id":"https://openalex.org/I177537411","display_name":"Bauman Moscow State Technical University","ror":"https://ror.org/00pb8h375","country_code":"RU","type":"education","lineage":["https://openalex.org/I177537411"]},{"id":"https://openalex.org/I87289247","display_name":"Murmansk State Technical University","ror":"https://ror.org/04sw18p91","country_code":"RU","type":"education","lineage":["https://openalex.org/I87289247"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"Andrey Fadin","raw_affiliation_strings":["Bauman MSTU, Moscow, Russia","[Bauman MSTU, Moscow, Russia]"],"affiliations":[{"raw_affiliation_string":"Bauman MSTU, Moscow, Russia","institution_ids":["https://openalex.org/I87289247","https://openalex.org/I177537411"]},{"raw_affiliation_string":"[Bauman MSTU, Moscow, Russia]","institution_ids":["https://openalex.org/I87289247"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045813852","display_name":"Valentin Tsirlov","orcid":"https://orcid.org/0000-0003-2657-4179"},"institutions":[{"id":"https://openalex.org/I87289247","display_name":"Murmansk State Technical University","ror":"https://ror.org/04sw18p91","country_code":"RU","type":"education","lineage":["https://openalex.org/I87289247"]},{"id":"https://openalex.org/I177537411","display_name":"Bauman Moscow State Technical University","ror":"https://ror.org/00pb8h375","country_code":"RU","type":"education","lineage":["https://openalex.org/I177537411"]}],"countries":["RU"],"is_corresponding":false,"raw_author_name":"Valentin Tsirlov","raw_affiliation_strings":["Bauman MSTU, Moscow, Russia","[Bauman MSTU, Moscow, Russia]"],"affiliations":[{"raw_affiliation_string":"Bauman MSTU, Moscow, Russia","institution_ids":["https://openalex.org/I87289247","https://openalex.org/I177537411"]},{"raw_affiliation_string":"[Bauman MSTU, Moscow, Russia]","institution_ids":["https://openalex.org/I87289247"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059855342","display_name":"Igor Shakhalov","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Igor Shakhalov","raw_affiliation_strings":["NPO Echelon, Moscow, Russia"],"affiliations":[{"raw_affiliation_string":"NPO Echelon, Moscow, Russia","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5007175264"],"corresponding_institution_ids":["https://openalex.org/I177537411","https://openalex.org/I87289247"],"apc_list":null,"apc_paid":null,"fwci":6.3568,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.96275146,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"93","last_page":"97"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T14306","display_name":"Technology Assessment and Management","score":0.954800009727478,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9526000022888184,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6892424821853638},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.684190034866333},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5978089570999146},{"id":"https://openalex.org/keywords/package-development-process","display_name":"Package development process","score":0.5767400860786438},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.5466837882995605},{"id":"https://openalex.org/keywords/software-peer-review","display_name":"Software peer review","score":0.48074793815612793},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4717482030391693},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4519793391227722},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.45113664865493774},{"id":"https://openalex.org/keywords/verification-and-validation","display_name":"Verification and validation","score":0.4342508912086487},{"id":"https://openalex.org/keywords/personal-software-process","display_name":"Personal software process","score":0.4151901304721832},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.41499122977256775},{"id":"https://openalex.org/keywords/social-software-engineering","display_name":"Social software engineering","score":0.41018304228782654},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.26802945137023926},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.15313288569450378},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12205174565315247},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.10597163438796997}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6892424821853638},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.684190034866333},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5978089570999146},{"id":"https://openalex.org/C123551368","wikidata":"https://www.wikidata.org/wiki/Q7122888","display_name":"Package development process","level":5,"score":0.5767400860786438},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.5466837882995605},{"id":"https://openalex.org/C74579156","wikidata":"https://www.wikidata.org/wiki/Q7554342","display_name":"Software peer review","level":5,"score":0.48074793815612793},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4717482030391693},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4519793391227722},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.45113664865493774},{"id":"https://openalex.org/C48002344","wikidata":"https://www.wikidata.org/wiki/Q2919644","display_name":"Verification and validation","level":2,"score":0.4342508912086487},{"id":"https://openalex.org/C39890963","wikidata":"https://www.wikidata.org/wiki/Q1702721","display_name":"Personal software process","level":5,"score":0.4151901304721832},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.41499122977256775},{"id":"https://openalex.org/C182500959","wikidata":"https://www.wikidata.org/wiki/Q7551380","display_name":"Social software engineering","level":5,"score":0.41018304228782654},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.26802945137023926},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.15313288569450378},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12205174565315247},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.10597163438796997},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2799979.2799998","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2799979.2799998","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 8th International Conference on Security of Information and Networks","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals","score":0.4399999976158142}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W171601550","https://openalex.org/W641490396","https://openalex.org/W1531064568","https://openalex.org/W1587555362","https://openalex.org/W2000037545","https://openalex.org/W2008681738","https://openalex.org/W2113864365","https://openalex.org/W2126762719","https://openalex.org/W2314111863","https://openalex.org/W2334246934","https://openalex.org/W2762249988","https://openalex.org/W6702761579","https://openalex.org/W6744559565"],"related_works":["https://openalex.org/W2186532739","https://openalex.org/W2134109003","https://openalex.org/W3186869374","https://openalex.org/W1570015765","https://openalex.org/W1505612340","https://openalex.org/W2183585111","https://openalex.org/W2167133781","https://openalex.org/W2371460401","https://openalex.org/W3111400545","https://openalex.org/W1497754905"],"abstract_inverted_index":{"A":[0],"study":[1],"of":[2,34,41,72],"the":[3,11,18,27,32,52],"available":[4],"approaches":[5],"aimed":[6],"at":[7],"mitigating":[8],"vulnerabilities":[9],"in":[10],"software":[12,19,53,60,76,80],"development,":[13,77],"and":[14,29,70],"their":[15],"applicability":[16],"during":[17],"compliance":[20,57],"evaluation":[21],"was":[22],"carried":[23],"out.":[24],"Having":[25],"systematized":[26],"standards":[28],"guidelines":[30],"on":[31],"development":[33,54],"secure":[35,59,75,88],"software,":[36],"we":[37],"made":[38],"a":[39],"list":[40],"basic":[42],"requirements":[43],"that":[44],"enables":[45],"us,":[46],"among":[47],"other":[48],"things,":[49],"to":[50,82],"assess":[51],"processes":[55],"for":[56,68,74,86],"with":[58],"requirements.":[61],"We":[62],"present":[63],"an":[64],"original":[65],"conceptual":[66],"model":[67],"analysis":[69],"synthesis":[71],"controls":[73,85],"which":[78],"allows":[79],"developers":[81],"select":[83],"reasonable":[84],"developing":[87],"software.":[89]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}