{"id":"https://openalex.org/W2885424819","doi":"https://doi.org/10.1145/3230833.3233274","title":"Surveying Secure Software Development Practices in Finland","display_name":"Surveying Secure Software Development Practices in Finland","publication_year":2018,"publication_date":"2018-08-13","ids":{"openalex":"https://openalex.org/W2885424819","doi":"https://doi.org/10.1145/3230833.3233274","mag":"2885424819"},"language":"en","primary_location":{"id":"doi:10.1145/3230833.3233274","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3230833.3233274","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029221788","display_name":"Kalle Rindell","orcid":"https://orcid.org/0000-0003-3349-5823"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Kalle Rindell","raw_affiliation_strings":["University of Turku, Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045061250","display_name":"Jukka Ruohonen","orcid":"https://orcid.org/0000-0001-5147-3084"},"institutions":[{"id":"https://openalex.org/I155660961","display_name":"University of Turku","ror":"https://ror.org/05vghhr25","country_code":"FI","type":"education","lineage":["https://openalex.org/I155660961"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Jukka Ruohonen","raw_affiliation_strings":["University of Turku, Turku, Finland"],"affiliations":[{"raw_affiliation_string":"University of Turku, Turku, Finland","institution_ids":["https://openalex.org/I155660961"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006523717","display_name":"Sami Hyrynsalmi","orcid":"https://orcid.org/0000-0002-5073-3750"},"institutions":[{"id":"https://openalex.org/I4210133110","display_name":"Tampere University","ror":null,"country_code":"FI","type":null,"lineage":["https://openalex.org/I4210133110"]},{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Sami Hyrynsalmi","raw_affiliation_strings":["Tampere University of Technology, Pori, Finland"],"affiliations":[{"raw_affiliation_string":"Tampere University of Technology, Pori, Finland","institution_ids":["https://openalex.org/I166825849","https://openalex.org/I4210133110"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5029221788"],"corresponding_institution_ids":["https://openalex.org/I155660961"],"apc_list":null,"apc_paid":null,"fwci":1.1781,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.85123456,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.717992901802063},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.6938715577125549},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.6441188454627991},{"id":"https://openalex.org/keywords/social-software-engineering","display_name":"Social software engineering","score":0.6219237446784973},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5754510164260864},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.473084032535553},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.45545855164527893},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.45124053955078125},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4400051236152649},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4312078058719635},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.4269621968269348},{"id":"https://openalex.org/keywords/package-development-process","display_name":"Package development process","score":0.4250362515449524},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.42076995968818665},{"id":"https://openalex.org/keywords/personal-software-process","display_name":"Personal software process","score":0.42038092017173767},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.4106051027774811},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3544347882270813},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.24710652232170105},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.06811732053756714}],"concepts":[{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.717992901802063},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.6938715577125549},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.6441188454627991},{"id":"https://openalex.org/C182500959","wikidata":"https://www.wikidata.org/wiki/Q7551380","display_name":"Social software engineering","level":5,"score":0.6219237446784973},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5754510164260864},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.473084032535553},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.45545855164527893},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.45124053955078125},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4400051236152649},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4312078058719635},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.4269621968269348},{"id":"https://openalex.org/C123551368","wikidata":"https://www.wikidata.org/wiki/Q7122888","display_name":"Package development process","level":5,"score":0.4250362515449524},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.42076995968818665},{"id":"https://openalex.org/C39890963","wikidata":"https://www.wikidata.org/wiki/Q1702721","display_name":"Personal software process","level":5,"score":0.42038092017173767},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.4106051027774811},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3544347882270813},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.24710652232170105},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.06811732053756714}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3230833.3233274","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3230833.3233274","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W171601550","https://openalex.org/W1531064568","https://openalex.org/W1558527408","https://openalex.org/W1559498407","https://openalex.org/W1604599558","https://openalex.org/W1759083992","https://openalex.org/W1995717826","https://openalex.org/W2015004885","https://openalex.org/W2113848838","https://openalex.org/W2115467956","https://openalex.org/W2126762719","https://openalex.org/W2337987222","https://openalex.org/W2396262230","https://openalex.org/W2591804303","https://openalex.org/W2598106848","https://openalex.org/W2750633462","https://openalex.org/W4205192141","https://openalex.org/W4256309811"],"related_works":["https://openalex.org/W1978034799","https://openalex.org/W4384518368","https://openalex.org/W2141388993","https://openalex.org/W2155353733","https://openalex.org/W2504659933","https://openalex.org/W2039943835","https://openalex.org/W2293245356","https://openalex.org/W2560421591","https://openalex.org/W60029630","https://openalex.org/W2362955522"],"abstract_inverted_index":{"Combining":[0],"security":[1,18,50,68,81],"engineering":[2,5],"and":[3,12,34,48,67],"software":[4,9,29,33,37,60],"is":[6,39],"shaping":[7],"the":[8,14,20,24,28,56,80],"development":[10,38],"processes":[11],"shifting":[13],"emphasis":[15],"of":[16,45,63,79],"information":[17,26],"from":[19],"operation":[21],"environment":[22],"into":[23],"main":[25],"asset:":[27],"itself.":[30],"To":[31,52],"protect":[32],"data":[35],"assets,":[36],"subjected":[40],"to":[41,70],"an":[42],"increasing":[43],"amount":[44],"external":[46],"regulation":[47],"organizational":[49],"requirements.":[51],"fulfill":[53],"these":[54],"requirements,":[55],"practitioners":[57],"producing":[58],"secure":[59],"have":[61],"plenty":[62],"models,":[64],"guidelines,":[65],"standards":[66],"instructions":[69],"follow,":[71],"but":[72],"very":[73],"little":[74],"scientific":[75],"knowledge":[76],"about":[77],"effectiveness":[78],"they":[82],"take.":[83]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":3},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}