{"id":"https://openalex.org/W4389306488","doi":"https://doi.org/10.1145/3631204.3631862","title":"Evaluation of Free and Open Source Tools for Automated Software Composition Analysis","display_name":"Evaluation of Free and Open Source Tools for Automated Software Composition Analysis","publication_year":2023,"publication_date":"2023-12-04","ids":{"openalex":"https://openalex.org/W4389306488","doi":"https://doi.org/10.1145/3631204.3631862"},"language":"en","primary_location":{"id":"doi:10.1145/3631204.3631862","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3631204.3631862","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 7th ACM Computer Science in Cars Symposium","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093413965","display_name":"Laura Bottner","orcid":"https://orcid.org/0000-0001-5921-5055"},"institutions":[{"id":"https://openalex.org/I4210091388","display_name":"Mercedes-Benz Research and Development North America (United States)","ror":"https://ror.org/00b4ram58","country_code":"US","type":"company","lineage":["https://openalex.org/I1332474105","https://openalex.org/I4210091388"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Laura Bottner","raw_affiliation_strings":["Mercedes-Benz Tech Innovation GmbH, DE"],"affiliations":[{"raw_affiliation_string":"Mercedes-Benz Tech Innovation GmbH, DE","institution_ids":["https://openalex.org/I4210091388"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071810146","display_name":"Artur Hermann","orcid":"https://orcid.org/0009-0004-3406-267X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Artur Hermann","raw_affiliation_strings":["Ulm University, DE"],"affiliations":[{"raw_affiliation_string":"Ulm University, DE","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024151714","display_name":"Jeremias Eppler","orcid":"https://orcid.org/0000-0002-5856-7654"},"institutions":[{"id":"https://openalex.org/I4210091388","display_name":"Mercedes-Benz Research and Development North America (United States)","ror":"https://ror.org/00b4ram58","country_code":"US","type":"company","lineage":["https://openalex.org/I1332474105","https://openalex.org/I4210091388"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jeremias Eppler","raw_affiliation_strings":["Mercedes-Benz Tech Innovation GmbH, DE"],"affiliations":[{"raw_affiliation_string":"Mercedes-Benz Tech Innovation GmbH, DE","institution_ids":["https://openalex.org/I4210091388"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022934464","display_name":"Thomas Th\u00fcm","orcid":"https://orcid.org/0000-0001-8069-9584"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Thomas Th\u00fcm","raw_affiliation_strings":["Ulm University, DE"],"affiliations":[{"raw_affiliation_string":"Ulm University, DE","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050897976","display_name":"Frank Kargl","orcid":"https://orcid.org/0000-0003-3800-8369"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Frank Kargl","raw_affiliation_strings":["Ulm University, Germany"],"affiliations":[{"raw_affiliation_string":"Ulm University, Germany","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5093413965"],"corresponding_institution_ids":["https://openalex.org/I4210091388"],"apc_list":null,"apc_paid":null,"fwci":0.217,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.62699285,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9919999837875366,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7092344760894775},{"id":"https://openalex.org/keywords/open-source-software","display_name":"Open source software","score":0.5997223258018494},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5921800136566162},{"id":"https://openalex.org/keywords/composition","display_name":"Composition (language)","score":0.5570966601371765},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.512139081954956},{"id":"https://openalex.org/keywords/transitive-relation","display_name":"Transitive relation","score":0.5102443695068359},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.4670039415359497},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.42823269963264465},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.4278126657009125},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4203437566757202},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.19885149598121643},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.14526361227035522}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7092344760894775},{"id":"https://openalex.org/C2988343187","wikidata":"https://www.wikidata.org/wiki/Q1130645","display_name":"Open source software","level":3,"score":0.5997223258018494},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5921800136566162},{"id":"https://openalex.org/C40231798","wikidata":"https://www.wikidata.org/wiki/Q1333743","display_name":"Composition (language)","level":2,"score":0.5570966601371765},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.512139081954956},{"id":"https://openalex.org/C191399111","wikidata":"https://www.wikidata.org/wiki/Q64861","display_name":"Transitive relation","level":2,"score":0.5102443695068359},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.4670039415359497},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.42823269963264465},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.4278126657009125},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4203437566757202},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.19885149598121643},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.14526361227035522},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3631204.3631862","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3631204.3631862","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 7th ACM Computer Science in Cars Symposium","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W2055256057","https://openalex.org/W2060337373","https://openalex.org/W2168901792","https://openalex.org/W2621104980","https://openalex.org/W2889097348","https://openalex.org/W2908658481","https://openalex.org/W2963926786","https://openalex.org/W3040158574","https://openalex.org/W3099225556","https://openalex.org/W3159300567","https://openalex.org/W3198845576","https://openalex.org/W4311165832"],"related_works":["https://openalex.org/W4376877853","https://openalex.org/W2141388993","https://openalex.org/W1978034799","https://openalex.org/W1493891899","https://openalex.org/W4250928611","https://openalex.org/W166480398","https://openalex.org/W2999607548","https://openalex.org/W1612808768","https://openalex.org/W167327709","https://openalex.org/W1977393088"],"abstract_inverted_index":{"Vulnerable":[0],"or":[1],"malicious":[2],"third-party":[3],"components":[4],"introduce":[5],"vulnerabilities":[6],"into":[7],"the":[8],"software":[9,26],"supply":[10],"chain.":[11],"Software":[12],"Composition":[13],"Analysis":[14],"(SCA)":[15],"is":[16],"a":[17],"method":[18],"to":[19],"identify":[20],"direct":[21],"and":[22,28,33],"transitive":[23],"dependencies":[24],"in":[25],"projects":[27],"assess":[29],"their":[30],"security":[31],"risks":[32],"vulnerabilities.":[34]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}