Works (6)
Updated: July 5th, 2023 15:40
2016 journal article
Identifying the implied: Findings from three differentiated replications on the use of security requirements templates
EMPIRICAL SOFTWARE ENGINEERING, 22(4), 2127–2178.
author keywords: Security requirements; Controlled experiment; Replication; Requirements engineering; Templates; Patterns; Automation
TL;DR:
Qualitative findings indicate that participants may be able to differentiate between relevant and extraneous templates suggestions and be more inclined to fill in the templates with additional support, supporting the findings of the original study.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 6, 2018
2016 journal article
To log, or not to log: using heuristics to identify mandatory log events - a controlled experiment
EMPIRICAL SOFTWARE ENGINEERING, 22(5), 2684–2717.
author keywords: Logging; User activity logs; Security; Controlled experiment; User study; Mandatory log events
TL;DR:
The results indicate additional training and enforcement may be necessary to ensure subjects understand and consistently apply the assigned methods for identifying MLEs, as well as support security analysts in performing forensic analysis by evaluating the use of a heuristics-driven method for identifying mandatory log events.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 6, 2018
2016 conference paper
systematically developing prevention, detection, and response patterns for security requirements
2016 IEEE 24th International Requirements Engineering Conference Workshops (REW), 62–67.
Source: NC State University Libraries
Added: August 6, 2018
2015 journal article
How have we evaluated software pattern application? A systematic mapping study of research design practices
INFORMATION AND SOFTWARE TECHNOLOGY, 65, 14–38.
author keywords: Software pattern; Mapping study; Systematic review; Empirical evaluation; Empirical design
TL;DR:
Establishing baselines for participants’ experience level, providing appropriate training, standardizing problem sets, and employing commonly used measures to evaluate performance can support replication and comparison of results across studies.
(via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018
2014 conference paper
Hidden in plain sight: Automatically identifying security requirements from natural language artifacts
2014 ieee 22nd international requirements engineering conference (re), 183–192.
TL;DR:
A tool-assisted process that automatically identifies security-relevant sentences in natural language requirements artifacts and classifies them according to the security objectives, either explicitly stated or implied by the sentences.
(via Semantic Scholar)
Sources: NC State University Libraries, NC State University Libraries, ORCID
Added: August 6, 2018
2014 conference paper
Towards a framework to measure security expertise in requirements analysis
2014 IEEE 1st Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE), 13–18.
TL;DR:
Preliminary results of analyzing two interviews reveal possible decision-making patterns that could characterize how analysts perceive, comprehend and project future threats which leads them to decide upon requirements and their specifications, in addition to how experts use assumptions to overcome ambiguity in specifications.
(via Semantic Scholar)
open access via zenodo.org (repository)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: NC State University Libraries
Added: August 6, 2018
Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.
Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.