{"id":"https://openalex.org/W2897344898","doi":"https://doi.org/10.1145/3278122.3278126","title":"Model-based security analysis of feature-oriented software product lines","display_name":"Model-based security analysis of feature-oriented software product lines","publication_year":2018,"publication_date":"2018-10-24","ids":{"openalex":"https://openalex.org/W2897344898","doi":"https://doi.org/10.1145/3278122.3278126","mag":"2897344898"},"language":"en","primary_location":{"id":"doi:10.1145/3278122.3278126","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3278122.3278126","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070179477","display_name":"Sven Peldszus","orcid":"https://orcid.org/0000-0002-2604-0487"},"institutions":[{"id":"https://openalex.org/I4387153937","display_name":"Universit\u00e4t Koblenz","ror":"https://ror.org/0433e6t24","country_code":null,"type":"education","lineage":["https://openalex.org/I4387153937"]},{"id":"https://openalex.org/I2802076133","display_name":"University of Koblenz and Landau","ror":"https://ror.org/01j9f6752","country_code":"DE","type":"education","lineage":["https://openalex.org/I2802076133"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Sven Peldszus","raw_affiliation_strings":["University of Koblenz-Landau, Germany"],"affiliations":[{"raw_affiliation_string":"University of Koblenz-Landau, Germany","institution_ids":["https://openalex.org/I2802076133","https://openalex.org/I4387153937"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000688587","display_name":"Daniel Str\u00fcber","orcid":"https://orcid.org/0000-0002-5969-3521"},"institutions":[{"id":"https://openalex.org/I2802076133","display_name":"University of Koblenz and Landau","ror":"https://ror.org/01j9f6752","country_code":"DE","type":"education","lineage":["https://openalex.org/I2802076133"]},{"id":"https://openalex.org/I4387153937","display_name":"Universit\u00e4t Koblenz","ror":"https://ror.org/0433e6t24","country_code":null,"type":"education","lineage":["https://openalex.org/I4387153937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Str\u00fcber","raw_affiliation_strings":["University of Koblenz-Landau, Germany"],"affiliations":[{"raw_affiliation_string":"University of Koblenz-Landau, Germany","institution_ids":["https://openalex.org/I2802076133","https://openalex.org/I4387153937"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029120753","display_name":"Jan J\u00fcrjens","orcid":"https://orcid.org/0000-0002-8938-0470"},"institutions":[{"id":"https://openalex.org/I2802076133","display_name":"University of Koblenz and Landau","ror":"https://ror.org/01j9f6752","country_code":"DE","type":"education","lineage":["https://openalex.org/I2802076133"]},{"id":"https://openalex.org/I4387153937","display_name":"Universit\u00e4t Koblenz","ror":"https://ror.org/0433e6t24","country_code":null,"type":"education","lineage":["https://openalex.org/I4387153937"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jan J\u00fcrjens","raw_affiliation_strings":["University of Koblenz-Landau, Germany"],"affiliations":[{"raw_affiliation_string":"University of Koblenz-Landau, Germany","institution_ids":["https://openalex.org/I2802076133","https://openalex.org/I4387153937"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5070179477"],"corresponding_institution_ids":["https://openalex.org/I2802076133","https://openalex.org/I4387153937"],"apc_list":null,"apc_paid":null,"fwci":1.1401,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.84019668,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"93","last_page":"106"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9839000105857849,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11450","display_name":"Model-Driven Software Engineering Techniques","score":0.9797000288963318,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7923139333724976},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7115477323532104},{"id":"https://openalex.org/keywords/software-product-line","display_name":"Software product line","score":0.6480783820152283},{"id":"https://openalex.org/keywords/usability","display_name":"Usability","score":0.5715246796607971},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.562862753868103},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.5493419766426086},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.48713967204093933},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.463795006275177},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4457915425300598},{"id":"https://openalex.org/keywords/feature-model","display_name":"Feature model","score":0.44251134991645813},{"id":"https://openalex.org/keywords/product","display_name":"Product (mathematics)","score":0.43896839022636414},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.28390488028526306},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.28049802780151367},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.275296151638031},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.2720211446285248},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.24070942401885986},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.21991810202598572},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.19455572962760925},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15227138996124268},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.0717659592628479}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7923139333724976},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7115477323532104},{"id":"https://openalex.org/C2778177629","wikidata":"https://www.wikidata.org/wiki/Q2111823","display_name":"Software product line","level":4,"score":0.6480783820152283},{"id":"https://openalex.org/C170130773","wikidata":"https://www.wikidata.org/wiki/Q216378","display_name":"Usability","level":2,"score":0.5715246796607971},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.562862753868103},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.5493419766426086},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.48713967204093933},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.463795006275177},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4457915425300598},{"id":"https://openalex.org/C101814296","wikidata":"https://www.wikidata.org/wiki/Q5439685","display_name":"Feature model","level":3,"score":0.44251134991645813},{"id":"https://openalex.org/C90673727","wikidata":"https://www.wikidata.org/wiki/Q901718","display_name":"Product (mathematics)","level":2,"score":0.43896839022636414},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.28390488028526306},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.28049802780151367},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.275296151638031},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.2720211446285248},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.24070942401885986},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.21991810202598572},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.19455572962760925},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15227138996124268},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0717659592628479},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3278122.3278126","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3278122.3278126","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th ACM SIGPLAN International Conference on Generative Programming: Concepts and Experiences","raw_type":"proceedings-article"},{"id":"pmh:oai:fraunhofer.de:N-575113","is_oa":false,"landing_page_url":"http://publica.fraunhofer.de/documents/N-575113.html","pdf_url":null,"source":{"id":"https://openalex.org/S4306400801","display_name":"Publikationsdatenbank der Fraunhofer-Gesellschaft (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Fraunhofer ISST","raw_type":"Conference Paper"},{"id":"pmh:oai:publica.fraunhofer.de:publica/406620","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/406620","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.49000000953674316,"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure"}],"awards":[{"id":"https://openalex.org/G4031803412","display_name":null,"funder_award_id":"221328183","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"}],"funders":[{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":61,"referenced_works":["https://openalex.org/W8370799","https://openalex.org/W37416347","https://openalex.org/W105332871","https://openalex.org/W1490011260","https://openalex.org/W1503093502","https://openalex.org/W1524147119","https://openalex.org/W1549449731","https://openalex.org/W1552525409","https://openalex.org/W1845451745","https://openalex.org/W1971320885","https://openalex.org/W1979306994","https://openalex.org/W1979578377","https://openalex.org/W1987903230","https://openalex.org/W2000037545","https://openalex.org/W2001822577","https://openalex.org/W2001991954","https://openalex.org/W2009093319","https://openalex.org/W2032518699","https://openalex.org/W2034920586","https://openalex.org/W2048064553","https://openalex.org/W2053016913","https://openalex.org/W2070929035","https://openalex.org/W2075325775","https://openalex.org/W2075827835","https://openalex.org/W2094810043","https://openalex.org/W2098019984","https://openalex.org/W2098634112","https://openalex.org/W2099213660","https://openalex.org/W2101773893","https://openalex.org/W2112000202","https://openalex.org/W2120119918","https://openalex.org/W2121771606","https://openalex.org/W2122185633","https://openalex.org/W2126313201","https://openalex.org/W2133281166","https://openalex.org/W2144642244","https://openalex.org/W2171002355","https://openalex.org/W2176465394","https://openalex.org/W2261238734","https://openalex.org/W2276012683","https://openalex.org/W2405944926","https://openalex.org/W2479011624","https://openalex.org/W2495617574","https://openalex.org/W2514084604","https://openalex.org/W2525293855","https://openalex.org/W2575005709","https://openalex.org/W2577993255","https://openalex.org/W2621647739","https://openalex.org/W2740709355","https://openalex.org/W2755868726","https://openalex.org/W2769171049","https://openalex.org/W2941904308","https://openalex.org/W4205736829","https://openalex.org/W4230619493","https://openalex.org/W4242704521","https://openalex.org/W4250303984","https://openalex.org/W4255692322","https://openalex.org/W6650896445","https://openalex.org/W6659127805","https://openalex.org/W6678294734","https://openalex.org/W6694350293"],"related_works":["https://openalex.org/W2903450681","https://openalex.org/W2005449645","https://openalex.org/W1939438916","https://openalex.org/W2612841534","https://openalex.org/W2260634139","https://openalex.org/W2158471572","https://openalex.org/W2414525409","https://openalex.org/W4255726044","https://openalex.org/W1512360405","https://openalex.org/W90855943"],"abstract_inverted_index":{"Today's":[0],"software":[1,58,84],"systems":[2,19],"are":[3],"too":[4],"complex":[5],"to":[6,15,90],"ensure":[7],"security":[8,13,37,63,81,100,111,117],"after":[9],"the":[10,31,55,62,92,104,125,136,144],"fact":[11],"\u2013":[12],"has":[14],"be":[16],"built":[17],"into":[18],"by":[20,39],"design.":[21],"To":[22,102],"this":[23,72,122],"end,":[24],"model-based":[25],"techniques":[26],"such":[27],"as":[28],"UMLsec":[29],"support":[30],"design-time":[32],"specification":[33],"and":[34,44,99],"analysis":[35,123],"of":[36,51,57,64,128,138,146],"requirements":[38],"providing":[40],"custom":[41],"model":[42,95],"annotations":[43],"checks.":[45],"Yet,":[46],"a":[47,77,83,115,139],"particularly":[48],"challenging":[49],"type":[50],"complexity":[52],"arises":[53],"from":[54],"variability":[56,98],"product":[59,85],"lines.":[60],"Analyzing":[61],"all":[65,130],"products":[66,131],"separately":[67],"is":[68],"generally":[69],"infeasible.":[70],"In":[71,119],"work,":[73],"we":[74,134],"propose":[75],"SecPL,":[76],"methodology":[78],"for":[79],"ensuring":[80],"in":[82],"line.":[86],"SecPL":[87,113],"allows":[88],"developers":[89],"annotate":[91],"system":[93],"design":[94],"with":[96],"product-line":[97],"requirements.":[101],"keep":[103],"exponentially":[105],"large":[106],"configuration":[107],"space":[108],"tractable":[109],"during":[110],"checks,":[112],"provides":[114],"family-based":[116],"analysis.":[118],"our":[120,147],"experiments,":[121],"outperforms":[124],"naive":[126],"strategy":[127],"checking":[129],"individually.":[132],"Finally,":[133],"present":[135],"results":[137],"user":[140],"study":[141],"that":[142],"indicates":[143],"usability":[145],"overall":[148],"methodology.":[149]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}