{"id":"https://openalex.org/W4307601327","doi":"https://doi.org/10.3390/software1040019","title":"Security Requirements Prioritization Techniques: A Survey and Classification Framework","display_name":"Security Requirements Prioritization Techniques: A Survey and Classification Framework","publication_year":2022,"publication_date":"2022-10-28","ids":{"openalex":"https://openalex.org/W4307601327","doi":"https://doi.org/10.3390/software1040019"},"language":"en","primary_location":{"id":"doi:10.3390/software1040019","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software1040019","pdf_url":"https://www.mdpi.com/2674-113X/1/4/19/pdf?version=1666949640","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://www.mdpi.com/2674-113X/1/4/19/pdf?version=1666949640","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5049066555","display_name":"Shada Khanneh","orcid":null},"institutions":[{"id":"https://openalex.org/I166088655","display_name":"Montclair State University","ror":"https://ror.org/01nxc2t48","country_code":"US","type":"education","lineage":["https://openalex.org/I166088655"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shada Khanneh","raw_affiliation_strings":["Department of Computer Science, Montclair State University, Montclair, NJ 07043, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Montclair State University, Montclair, NJ 07043, USA","institution_ids":["https://openalex.org/I166088655"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5043640255","display_name":"Vaibhav Anu","orcid":"https://orcid.org/0000-0001-8104-4942"},"institutions":[{"id":"https://openalex.org/I166088655","display_name":"Montclair State University","ror":"https://ror.org/01nxc2t48","country_code":"US","type":"education","lineage":["https://openalex.org/I166088655"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Vaibhav Anu","raw_affiliation_strings":["Department of Computer Science, Montclair State University, Montclair, NJ 07043, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Montclair State University, Montclair, NJ 07043, USA","institution_ids":["https://openalex.org/I166088655"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5043640255"],"corresponding_institution_ids":["https://openalex.org/I166088655"],"apc_list":null,"apc_paid":null,"fwci":2.2268,"has_fulltext":true,"cited_by_count":9,"citation_normalized_percentile":{"value":0.90458723,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"1","issue":"4","first_page":"450","last_page":"472"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7405133843421936},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.7072226405143738},{"id":"https://openalex.org/keywords/requirement-prioritization","display_name":"Requirement prioritization","score":0.6953927874565125},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.6452196836471558},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6386224627494812},{"id":"https://openalex.org/keywords/prioritization","display_name":"Prioritization","score":0.5422717928886414},{"id":"https://openalex.org/keywords/requirements-engineering","display_name":"Requirements engineering","score":0.539883553981781},{"id":"https://openalex.org/keywords/requirements-analysis","display_name":"Requirements analysis","score":0.5228279829025269},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.5146056413650513},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.46623536944389343},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44850224256515503},{"id":"https://openalex.org/keywords/requirements-management","display_name":"Requirements management","score":0.39385008811950684},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.38448506593704224},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.33407115936279297},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2937421202659607},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.25969579815864563},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.24514997005462646},{"id":"https://openalex.org/keywords/management-science","display_name":"Management science","score":0.14862465858459473},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.09212988615036011}],"concepts":[{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7405133843421936},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.7072226405143738},{"id":"https://openalex.org/C130505052","wikidata":"https://www.wikidata.org/wiki/Q7314872","display_name":"Requirement prioritization","level":5,"score":0.6953927874565125},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.6452196836471558},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6386224627494812},{"id":"https://openalex.org/C2777615720","wikidata":"https://www.wikidata.org/wiki/Q11888847","display_name":"Prioritization","level":2,"score":0.5422717928886414},{"id":"https://openalex.org/C6604083","wikidata":"https://www.wikidata.org/wiki/Q376937","display_name":"Requirements engineering","level":3,"score":0.539883553981781},{"id":"https://openalex.org/C59488412","wikidata":"https://www.wikidata.org/wiki/Q187147","display_name":"Requirements analysis","level":3,"score":0.5228279829025269},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.5146056413650513},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.46623536944389343},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44850224256515503},{"id":"https://openalex.org/C173577280","wikidata":"https://www.wikidata.org/wiki/Q530038","display_name":"Requirements management","level":4,"score":0.39385008811950684},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.38448506593704224},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.33407115936279297},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2937421202659607},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.25969579815864563},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.24514997005462646},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.14862465858459473},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.09212988615036011},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3390/software1040019","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software1040019","pdf_url":"https://www.mdpi.com/2674-113X/1/4/19/pdf?version=1666949640","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.3390/software1040019","is_oa":true,"landing_page_url":"https://doi.org/10.3390/software1040019","pdf_url":"https://www.mdpi.com/2674-113X/1/4/19/pdf?version=1666949640","source":{"id":"https://openalex.org/S4210183365","display_name":"Software","issn_l":"2674-113X","issn":["2674-113X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Software","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.4099999964237213,"display_name":"Partnerships for the goals","id":"https://metadata.un.org/sdg/17"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4307601327.pdf","grobid_xml":"https://content.openalex.org/works/W4307601327.grobid-xml"},"referenced_works_count":45,"referenced_works":["https://openalex.org/W14257781","https://openalex.org/W1987337764","https://openalex.org/W1988225931","https://openalex.org/W2015297508","https://openalex.org/W2021767672","https://openalex.org/W2044039410","https://openalex.org/W2057828925","https://openalex.org/W2057864103","https://openalex.org/W2081944711","https://openalex.org/W2082303393","https://openalex.org/W2124405605","https://openalex.org/W2141726502","https://openalex.org/W2146863076","https://openalex.org/W2147733013","https://openalex.org/W2150685319","https://openalex.org/W2156221105","https://openalex.org/W2159690275","https://openalex.org/W2163022780","https://openalex.org/W2321248485","https://openalex.org/W2735703771","https://openalex.org/W2758682319","https://openalex.org/W2778938115","https://openalex.org/W2806436836","https://openalex.org/W2904558120","https://openalex.org/W2943147133","https://openalex.org/W2945132367","https://openalex.org/W2956202527","https://openalex.org/W2965480889","https://openalex.org/W2992524878","https://openalex.org/W3013954076","https://openalex.org/W3021111031","https://openalex.org/W3034406731","https://openalex.org/W3087076224","https://openalex.org/W3091821587","https://openalex.org/W3146848664","https://openalex.org/W3198625359","https://openalex.org/W3203035974","https://openalex.org/W4280493844","https://openalex.org/W4290466125","https://openalex.org/W6671055450","https://openalex.org/W6683752210","https://openalex.org/W6700326709","https://openalex.org/W6740991363","https://openalex.org/W6756934535","https://openalex.org/W6783629463"],"related_works":["https://openalex.org/W4235994067","https://openalex.org/W2793964963","https://openalex.org/W4388819159","https://openalex.org/W3130741515","https://openalex.org/W2188932686","https://openalex.org/W4287214133","https://openalex.org/W2363165856","https://openalex.org/W4224303169","https://openalex.org/W3153864189","https://openalex.org/W4200131578"],"abstract_inverted_index":{"Security":[0,61],"requirements":[1,44,62,90,119,163,193],"Engineering":[2],"(SRE)":[3],"is":[4,58],"an":[5,93],"activity":[6],"conducted":[7],"during":[8],"the":[9,13,35,74,86,97,137,168,198],"early":[10],"stage":[11],"of":[12,88,99,121,136,149],"SDLC.":[14],"SRE":[15,24],"involves":[16],"eliciting,":[17],"analyzing,":[18],"and":[19,69,83,101,146,188],"documenting":[20],"security":[21,43,50,89,118,131,162,182,192],"requirements.":[22,183],"Thorough":[23],"can":[25,172],"help":[26],"software":[27,110],"engineers":[28,111],"incorporate":[29],"countermeasures":[30],"against":[31,54],"malicious":[32],"attacks":[33],"into":[34],"software\u2019s":[36,80],"source":[37],"code":[38],"itself.":[39],"Even":[40,124],"though":[41,125],"all":[42,49],"are":[45,120],"considered":[46],"relevant,":[47],"implementing":[48],"mechanisms":[51],"that":[52,171],"protect":[53],"every":[55],"possible":[56],"threat":[57],"not":[59,65],"feasible.":[60],"must":[63],"compete":[64],"only":[66],"with":[67,73],"time":[68],"budget,":[70],"but":[71],"also":[72],"constraints":[75],"they":[76],"inflect":[77],"on":[78,116],"a":[79,143,155,177],"availability,":[81],"features,":[82],"functionalities.":[84],"Thus,":[85],"process":[87],"prioritization":[91,105,133,179,194],"becomes":[92],"integral":[94],"task":[95],"in":[96,197],"discipline":[98],"risk-analysis":[100],"trade-off-analysis.":[102],"A":[103],"sound":[104],"technique":[106],"provides":[107],"guidance":[108],"for":[109,181],"to":[112,159,175],"make":[113],"educated":[114],"decisions":[115],"which":[117],"topmost":[122],"importance.":[123],"previous":[126],"research":[127,139],"has":[128],"proposed":[129,196],"various":[130],"requirement":[132],"techniques,":[134],"none":[135],"existing":[138,150],"efforts":[140],"have":[141],"provided":[142],"detailed":[144],"survey":[145,157,185],"comparative":[147],"analysis":[148],"techniques.":[151],"This":[152],"paper":[153],"uses":[154],"literature":[156],"approach":[158],"first":[160],"define":[161],"engineering.":[164],"Next,":[165],"we":[166],"identify":[167],"state-of-the-art":[169],"techniques":[170],"be":[173],"adopted":[174],"impose":[176],"well-established":[178],"criterion":[180],"Our":[184],"identified,":[186],"summarized,":[187],"compared":[189],"seven":[190],"(7)":[191],"approaches":[195],"literature.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-03-27T14:29:43.386196","created_date":"2025-10-10T00:00:00"}