{"id":"W2030015318","doi":"10.1007/s00766-009-0090-z","title":"A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities","year":2009,"lang":"en","type":"article","venue":"Requirements Engineering","topic":"Information and Cyber Security","field":"Computer Science","cited_by":101,"is_retracted":false,"has_abstract":false,"ca_institutions":"University of Toronto","funders":"","keywords":"Exploit; Vulnerability (computing); Computer security; Vulnerability management; Threat model; Computer science; Secure coding; Vulnerability assessment; Risk analysis (engineering); Security engineering; Security testing; Compromise; Software security assurance; Security information and event management; Security service; Information security; Cloud computing security; Business","routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false,"invisible_to_affiliation_only":false},"retraction":null,"screen":null,"direct_labels":[],"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow"],"consensus_categories":[],"category_scores_codex":[0.001527453,0.0006453392,0.0005431149,0.0006309953,0.0003449227,0.0005989085,0.0009660306,0.0002219973,0.00004066362],"category_scores_gemma":[0.000538038,0.0006847852,0.0001700228,0.0008811649,0.00004115557,0.002008397,0.0002235116,0.0006857924,0.00002399278],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0006044169,"about_ca_system_score_gemma":0.00008820432,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00001741099,"about_ca_topic_score_gemma":0.000001911483,"domain_scores_codex":[0.9956683,0.0001030324,0.0009868116,0.0008732898,0.001264085,0.001104503],"domain_scores_gemma":[0.9977816,0.0001852883,0.0002366926,0.001218556,0.0001887985,0.0003890683],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"theoretical_or_conceptual","study_design_gemma":"simulation_or_modeling","study_design_scores_codex":[0.0004295422,0.003669558,0.03027861,0.00348637,0.001029178,0.0003050971,0.01808177,0.3721677,0.0131405,0.4738872,0.002505565,0.08101893],"study_design_scores_gemma":[0.001589693,0.000363688,0.009380614,0.0007549065,0.0000363058,0.00001194463,0.0000386439,0.9788424,0.002177901,0.001203751,0.004536304,0.001063816],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.2167196,0.0005879156,0.775465,0.0009392429,0.001696297,0.001177516,0.00002689088,0.001442636,0.00194488],"genre_scores_gemma":[0.9845541,0.00004805326,0.01427487,0.0008529086,0.0001483841,0.00004236443,0.00002194221,0.00003501158,0.0000223382],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7678345,"threshold_uncertainty_score":0.9995604,"prediction_status":"machine_predicted_unvalidated"},"machine_scores":{"provisional":true,"baseline":true,"maturity_gate_passed":false,"score_opus":0.01926743977762655,"score_gpt":0.2668236870226438,"score_spread":0.2475562472450172,"validation_status":"score_only:v0-immature-baseline","note":"Baseline scores from an immature model (maturity gate not passed). Scores rank; they never assert a category."}}