{"id":"https://openalex.org/W3016408099","doi":"https://doi.org/10.37190/e-inf200103","title":"SIoT Framework: Towards an Approach for Early Identification of Security Requirements for Internet-of-things Applications","display_name":"SIoT Framework: Towards an Approach for Early Identification of Security Requirements for Internet-of-things Applications","publication_year":2020,"publication_date":"2020-01-01","ids":{"openalex":"https://openalex.org/W3016408099","doi":"https://doi.org/10.37190/e-inf200103","mag":"3016408099"},"language":"en","primary_location":{"id":"doi:10.37190/e-inf200103","is_oa":true,"landing_page_url":"https://doi.org/10.37190/e-inf200103","pdf_url":"https://doi.org/10.37190/e-inf200103","source":{"id":"https://openalex.org/S2738831096","display_name":"e-Informatica Software Engineering Journal","issn_l":"1897-7979","issn":["1897-7979","2084-4840"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310317492","host_organization_name":"Wroc\u0142aw University of Science and Technology","host_organization_lineage":["https://openalex.org/P4310317492"],"host_organization_lineage_names":["Wroc\u0142aw University of Science and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"e-Informatica Software Engineering Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.37190/e-inf200103","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008019756","display_name":"Ronald Jabangwe","orcid":"https://orcid.org/0000-0002-2305-6352"},"institutions":[{"id":"https://openalex.org/I2801380234","display_name":"University of South-Eastern Norway","ror":"https://ror.org/05ecg5h20","country_code":"NO","type":"education","lineage":["https://openalex.org/I2801380234"]}],"countries":["NO"],"is_corresponding":true,"raw_author_name":"Ronald Jabangwe","raw_affiliation_strings":["School of Business, University of South Eastern Norway, Norway, Department of Business and IT","The Maersk Mc-Kinney Moller Institute, University of Southern Denmark, Software Engineering, Denmark / Software Improvement Group, SIG Nordics"],"affiliations":[{"raw_affiliation_string":"School of Business, University of South Eastern Norway, Norway, Department of Business and IT","institution_ids":["https://openalex.org/I2801380234"]},{"raw_affiliation_string":"The Maersk Mc-Kinney Moller Institute, University of Southern Denmark, Software Engineering, Denmark / Software Improvement Group, SIG Nordics","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011404590","display_name":"Anh Nguyen\u2010Duc","orcid":"https://orcid.org/0000-0002-7063-9200"},"institutions":[{"id":"https://openalex.org/I2801380234","display_name":"University of South-Eastern Norway","ror":"https://ror.org/05ecg5h20","country_code":"NO","type":"education","lineage":["https://openalex.org/I2801380234"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Anh Nguyen-Duc","raw_affiliation_strings":["School of Business, University of South Eastern Norway, Norway, Department of Business and IT","The Maersk Mc-Kinney Moller Institute, University of Southern Denmark, Software Engineering, Denmark / Software Improvement Group, SIG Nordics"],"affiliations":[{"raw_affiliation_string":"School of Business, University of South Eastern Norway, Norway, Department of Business and IT","institution_ids":["https://openalex.org/I2801380234"]},{"raw_affiliation_string":"The Maersk Mc-Kinney Moller Institute, University of Southern Denmark, Software Engineering, Denmark / Software Improvement Group, SIG Nordics","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5008019756"],"corresponding_institution_ids":["https://openalex.org/I2801380234"],"apc_list":null,"apc_paid":null,"fwci":1.1127,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.83744358,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"14","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6684061288833618},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5379318594932556},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.47851502895355225},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.46850043535232544},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.42677927017211914},{"id":"https://openalex.org/keywords/panacea","display_name":"Panacea (medicine)","score":0.41463959217071533},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.36106154322624207},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.238073468208313},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.21362364292144775},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.1777234673500061},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.17697256803512573},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.16568931937217712}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6684061288833618},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5379318594932556},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.47851502895355225},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.46850043535232544},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.42677927017211914},{"id":"https://openalex.org/C26993612","wikidata":"https://www.wikidata.org/wiki/Q910154","display_name":"Panacea (medicine)","level":3,"score":0.41463959217071533},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.36106154322624207},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.238073468208313},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.21362364292144775},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.1777234673500061},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.17697256803512573},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.16568931937217712},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.37190/e-inf200103","is_oa":true,"landing_page_url":"https://doi.org/10.37190/e-inf200103","pdf_url":"https://doi.org/10.37190/e-inf200103","source":{"id":"https://openalex.org/S2738831096","display_name":"e-Informatica Software Engineering Journal","issn_l":"1897-7979","issn":["1897-7979","2084-4840"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310317492","host_organization_name":"Wroc\u0142aw University of Science and Technology","host_organization_lineage":["https://openalex.org/P4310317492"],"host_organization_lineage_names":["Wroc\u0142aw University of Science and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"e-Informatica Software Engineering Journal","raw_type":"journal-article"},{"id":"pmh:oai:sdu.dk:openaire/5d6eff1e-15bc-4ed1-9c87-4c388e185cb4","is_oa":true,"landing_page_url":"https://portal.findresearcher.sdu.dk/da/publications/5d6eff1e-15bc-4ed1-9c87-4c388e185cb4","pdf_url":null,"source":{"id":"https://openalex.org/S4306400423","display_name":"University of Southern Denmark Research Portal (University of Southern Denmark)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I177969490","host_organization_name":"University of Southern Denmark","host_organization_lineage":["https://openalex.org/I177969490"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Jabangwe, R & Nguyen-Duc, A 2020, 'SIoT framework : Towards an approach for early identification of security requirements for internet-of-things applications', e-Informatica Software Engineering Journal, vol. 14, no. 1, pp. 77-95. https://doi.org/10.37190/e-Inf200103","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:dbc.wroc.pl:109930","is_oa":true,"landing_page_url":"https://dbc.wroc.pl/dlibra/publication/152237/edition/109930/content","pdf_url":null,"source":{"id":"https://openalex.org/S4210167977","display_name":"Prace Naukowe Uniwersytetu Ekonomicznego we Wroc\u0142awiu","issn_l":"1899-3192","issn":["1899-3192","2392-0041"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":"https://openalex.org/P4322697539","host_organization_name":"Wroclaw University of Economics","host_organization_lineage":["https://openalex.org/P4322697539"],"host_organization_lineage_names":["Wroclaw University of Economics"],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Politechnika Wroc\u0142awska","raw_type":"artyku\u0142"},{"id":"pmh:oai:doaj.org/article:867f3f05eb9d4b728365ee71cce1bd73","is_oa":true,"landing_page_url":"https://doaj.org/article/867f3f05eb9d4b728365ee71cce1bd73","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"e-Informatica Software Engineering Journal, Vol 14, Iss 1, Pp 77-95 (2020)","raw_type":"article"},{"id":"pmh:oai:openarchive.usn.no:11250/2736634","is_oa":true,"landing_page_url":"https://hdl.handle.net/11250/2736634","pdf_url":null,"source":{"id":"https://openalex.org/S4306401716","display_name":"Duo Research Archive (University of Oslo)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I184942183","host_organization_name":"University of Oslo","host_organization_lineage":["https://openalex.org/I184942183"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"77-95","raw_type":"info:eu-repo/semantics/other"},{"id":"pmh:oai:sdu.dk:publications/5d6eff1e-15bc-4ed1-9c87-4c388e185cb4","is_oa":true,"landing_page_url":"https://www.e-informatyka.pl/index.php/einformatica/volumes/volume-2020/","pdf_url":null,"source":{"id":"https://openalex.org/S4306400423","display_name":"University of Southern Denmark Research Portal (University of Southern Denmark)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I177969490","host_organization_name":"University of Southern Denmark","host_organization_lineage":["https://openalex.org/I177969490"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Jabangwe, R & Nguyen-Duc, A 2020, 'SIoT framework : Towards an approach for early identification of security requirements for internet-of-things applications', e-Informatica Software Engineering Journal, vol. 14, no. 1, pp. 77-95. https://doi.org/10.37190/e-Inf200103","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.37190/e-inf200103","is_oa":true,"landing_page_url":"https://doi.org/10.37190/e-inf200103","pdf_url":"https://doi.org/10.37190/e-inf200103","source":{"id":"https://openalex.org/S2738831096","display_name":"e-Informatica Software Engineering Journal","issn_l":"1897-7979","issn":["1897-7979","2084-4840"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310317492","host_organization_name":"Wroc\u0142aw University of Science and Technology","host_organization_lineage":["https://openalex.org/P4310317492"],"host_organization_lineage_names":["Wroc\u0142aw University of Science and Technology"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"e-Informatica Software Engineering Journal","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320323799","display_name":"Syddansk Universitet","ror":"https://ror.org/03yrrjy16"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3016408099.pdf","grobid_xml":"https://content.openalex.org/works/W3016408099.grobid-xml"},"referenced_works_count":56,"referenced_works":["https://openalex.org/W82878097","https://openalex.org/W118785588","https://openalex.org/W291729657","https://openalex.org/W572872720","https://openalex.org/W1204994919","https://openalex.org/W1514648770","https://openalex.org/W1525753916","https://openalex.org/W1530181845","https://openalex.org/W1690148500","https://openalex.org/W1800478330","https://openalex.org/W1981331664","https://openalex.org/W1988225931","https://openalex.org/W1988543748","https://openalex.org/W2011534633","https://openalex.org/W2029758586","https://openalex.org/W2036569531","https://openalex.org/W2097154968","https://openalex.org/W2097209811","https://openalex.org/W2113778324","https://openalex.org/W2114759907","https://openalex.org/W2116175419","https://openalex.org/W2116286374","https://openalex.org/W2153177282","https://openalex.org/W2275530856","https://openalex.org/W2505202630","https://openalex.org/W2532081031","https://openalex.org/W2546539006","https://openalex.org/W2560711165","https://openalex.org/W2572411793","https://openalex.org/W2575895509","https://openalex.org/W2589125316","https://openalex.org/W2618490554","https://openalex.org/W2620576447","https://openalex.org/W2751296996","https://openalex.org/W2768152971","https://openalex.org/W2793013392","https://openalex.org/W2885041370","https://openalex.org/W2938773348","https://openalex.org/W2954967166","https://openalex.org/W3127844521","https://openalex.org/W3161918289","https://openalex.org/W4229680087","https://openalex.org/W4242182825","https://openalex.org/W4246036459","https://openalex.org/W4289685492","https://openalex.org/W4302557251","https://openalex.org/W6604790822","https://openalex.org/W6637497809","https://openalex.org/W6647396529","https://openalex.org/W6659840547","https://openalex.org/W6677126535","https://openalex.org/W6677177875","https://openalex.org/W6731774204","https://openalex.org/W6738461903","https://openalex.org/W6742361111","https://openalex.org/W6745706219"],"related_works":["https://openalex.org/W2791057018","https://openalex.org/W2100901739","https://openalex.org/W2073210364","https://openalex.org/W4242593755","https://openalex.org/W2123548032","https://openalex.org/W2564831469","https://openalex.org/W2002441522","https://openalex.org/W2073363395","https://openalex.org/W2980038767","https://openalex.org/W2889483553"],"abstract_inverted_index":{"Background:":[0],"Security":[1],"has":[2],"become":[3],"more":[4],"of":[5,12,18,152],"a":[6,41,92,104,127,147,162],"concern":[7],"with":[8,46],"the":[9,24,52,97,116,123,153,159,176],"wide":[10],"deployment":[11],"Internet-of-things":[13],"(IoT)":[14],"devices.":[15],"The":[16,68,119,168],"importance":[17],"addressing":[19,107],"security":[20,48,73,109,136,145,166],"risks":[21],"early":[22,50,114],"in":[23,51,115,175],"development":[25,54,117],"lifecycle":[26,55],"before":[27],"pushing":[28],"to":[29,44,61,164,172,179,183],"market":[30],"cannot":[31],"be":[32,126,131,173],"over":[33],"emphasized.":[34],"Aim:":[35],"To":[36],"this":[37],"end,":[38],"we":[39,59],"propose":[40],"conceptual":[42],"framework":[43,69,98,124,155,160,169],"help":[45],"identifying":[47],"concerns":[49,110],"product":[53],"for":[56,65,106,111,140],"Internet-of-things,":[57],"that":[58,129],"refer":[60],"as":[62,103,133,161],"SIoT":[63,154],"(Security":[64],"Internet-of-Things).":[66],"Method:":[67],"adopts":[70],"well":[71],"known":[72],"engineering":[74,138],"approaches":[75],"and":[76,79,99],"best":[77],"practices,":[78],"systematically":[80],"builds":[81],"on":[82,86],"existing":[83],"research":[84],"work":[85],"IoT":[87,112,141,186],"architecture.":[88],"Results:":[89],"Practitioners":[90],"at":[91],"Norwegian":[93],"start-up":[94],"company":[95],"evaluated":[96],"found":[100],"it":[101],"useful":[102],"foundation":[105],"critical":[108],"applications":[113],"lifecycle.":[118],"output":[120],"from":[121],"using":[122],"can":[125,130],"checklist":[128],"used":[132],"input":[134],"during":[135],"requirements":[137],"activities":[139],"applications.":[142],"Conclusions:":[143],"However,":[144],"is":[146],"multi-faced":[148],"concept;":[149],"therefore,":[150],"users":[151],"should":[156],"not":[157],"view":[158],"panacea":[163],"all":[165],"threats.":[167],"may":[170],"need":[171],"refined":[174],"future,":[177],"particularly":[178],"improve":[180],"its":[181],"completeness":[182],"cover":[184],"various":[185],"contexts.":[187]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":3},{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}