[{"date_updated":"2023-02-06T10:42:29Z","_id":"41812","year":"2023","type":"conference","citation":{"apa":"Luo, L., Piskachev, G., Krishnamurthy, R., Dolby, J., Schäf, M., & Bodden, E. (2023). Model Generation For Java Frameworks. IEEE International Conference on Software Testing, Verification and Validation (ICST).","ama":"Luo L, Piskachev G, Krishnamurthy R, Dolby J, Schäf M, Bodden E. Model Generation For Java Frameworks. In: IEEE International Conference on Software Testing, Verification and Validation (ICST). ; 2023.","chicago":"Luo, Linghui, Goran Piskachev, Ranjith Krishnamurthy, Julian Dolby, Martin Schäf, and Eric Bodden. “Model Generation For Java Frameworks.” In IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.","mla":"Luo, Linghui, et al. “Model Generation For Java Frameworks.” IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.","bibtex":"@inproceedings{Luo_Piskachev_Krishnamurthy_Dolby_Schäf_Bodden_2023, title={Model Generation For Java Frameworks}, booktitle={IEEE International Conference on Software Testing, Verification and Validation (ICST)}, author={Luo, Linghui and Piskachev, Goran and Krishnamurthy, Ranjith and Dolby, Julian and Schäf, Martin and Bodden, Eric}, year={2023} }","short":"L. Luo, G. Piskachev, R. Krishnamurthy, J. Dolby, M. Schäf, E. Bodden, in: IEEE International Conference on Software Testing, Verification and Validation (ICST), 2023.","ieee":"L. Luo, G. Piskachev, R. Krishnamurthy, J. Dolby, M. Schäf, and E. Bodden, “Model Generation For Java Frameworks,” 2023."},"language":[{"iso":"eng"}],"title":"Model Generation For Java Frameworks","user_id":"15249","status":"public","date_created":"2023-02-06T10:37:23Z","author":[{"last_name":"Luo","full_name":"Luo, Linghui","first_name":"Linghui"},{"orcid":"0000-0003-4424-5838","full_name":"Piskachev, Goran","first_name":"Goran","id":"41936","last_name":"Piskachev"},{"first_name":"Ranjith","orcid":"0000-0002-0906-5463","full_name":"Krishnamurthy, Ranjith","last_name":"Krishnamurthy","id":"78060"},{"full_name":"Dolby, Julian","first_name":"Julian","last_name":"Dolby"},{"first_name":"Martin","full_name":"Schäf, Martin","last_name":"Schäf"},{"first_name":"Eric","full_name":"Bodden, Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","id":"59256"}],"department":[{"_id":"76"},{"_id":"662"}],"publication":"IEEE International Conference on Software Testing, Verification and Validation (ICST)"},{"language":[{"iso":"eng"}],"type":"conference","year":"2023","citation":{"apa":"Trentinaglia, R., Merschjohann, S., Fockel, M., & Eikerling, H. (2023). Eliciting Security Requirements – An Experience Report. REFSQ 2023: Requirements Engineering: Foundation for Software Quality. https://doi.org/10.1007/978-3-031-29786-1_25","ama":"Trentinaglia R, Merschjohann S, Fockel M, Eikerling H. Eliciting Security Requirements – An Experience Report. In: REFSQ 2023: Requirements Engineering: Foundation for Software Quality. Springer Nature Switzerland; 2023. doi:10.1007/978-3-031-29786-1_25","chicago":"Trentinaglia, Roman, Sven Merschjohann, Markus Fockel, and Hendrik Eikerling. “Eliciting Security Requirements – An Experience Report.” In REFSQ 2023: Requirements Engineering: Foundation for Software Quality. Cham: Springer Nature Switzerland, 2023. https://doi.org/10.1007/978-3-031-29786-1_25.","bibtex":"@inproceedings{Trentinaglia_Merschjohann_Fockel_Eikerling_2023, place={Cham}, title={Eliciting Security Requirements – An Experience Report}, DOI={10.1007/978-3-031-29786-1_25}, booktitle={REFSQ 2023: Requirements Engineering: Foundation for Software Quality}, publisher={Springer Nature Switzerland}, author={Trentinaglia, Roman and Merschjohann, Sven and Fockel, Markus and Eikerling, Hendrik}, year={2023} }","mla":"Trentinaglia, Roman, et al. “Eliciting Security Requirements – An Experience Report.” REFSQ 2023: Requirements Engineering: Foundation for Software Quality, Springer Nature Switzerland, 2023, doi:10.1007/978-3-031-29786-1_25.","short":"R. Trentinaglia, S. Merschjohann, M. Fockel, H. Eikerling, in: REFSQ 2023: Requirements Engineering: Foundation for Software Quality, Springer Nature Switzerland, Cham, 2023.","ieee":"R. Trentinaglia, S. Merschjohann, M. Fockel, and H. Eikerling, “Eliciting Security Requirements – An Experience Report,” 2023, doi: 10.1007/978-3-031-29786-1_25."},"_id":"43395","date_updated":"2023-04-04T12:51:41Z","doi":"10.1007/978-3-031-29786-1_25","publisher":"Springer Nature Switzerland","author":[{"first_name":"Roman","orcid":"0000-0001-9728-4991","full_name":"Trentinaglia, Roman","last_name":"Trentinaglia","id":"49934"},{"full_name":"Merschjohann, Sven","first_name":"Sven","id":"11394","last_name":"Merschjohann"},{"first_name":"Markus","orcid":"0000-0002-1269-0702","full_name":"Fockel, Markus","last_name":"Fockel","id":"8472"},{"id":"29279","last_name":"Eikerling","full_name":"Eikerling, Hendrik","first_name":"Hendrik"}],"department":[{"_id":"241"},{"_id":"662"}],"publication":"REFSQ 2023: Requirements Engineering: Foundation for Software Quality","status":"public","date_created":"2023-04-04T12:47:31Z","publication_identifier":{"isbn":["9783031297854","9783031297861"],"issn":["0302-9743","1611-3349"]},"publication_status":"published","place":"Cham","user_id":"8472","title":"Eliciting Security Requirements – An Experience Report"},{"citation":{"short":"G. Piskachev, M. Becker, E. Bodden, Empirical Software Engineering 28 (2023).","ieee":"G. Piskachev, M. Becker, and E. Bodden, “Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study,” Empirical Software Engineering, vol. 28, no. 5, Art. no. 118, 2023, doi: 10.1007/s10664-023-10354-3.","chicago":"Piskachev, Goran, Matthias Becker, and Eric Bodden. “Can the Configuration of Static Analyses Make Resolving Security Vulnerabilities More Effective? - A User Study.” Empirical Software Engineering 28, no. 5 (2023). https://doi.org/10.1007/s10664-023-10354-3.","ama":"Piskachev G, Becker M, Bodden E. Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study. Empirical Software Engineering. 2023;28(5). doi:10.1007/s10664-023-10354-3","apa":"Piskachev, G., Becker, M., & Bodden, E. (2023). Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study. Empirical Software Engineering, 28(5), Article 118. https://doi.org/10.1007/s10664-023-10354-3","mla":"Piskachev, Goran, et al. “Can the Configuration of Static Analyses Make Resolving Security Vulnerabilities More Effective? - A User Study.” Empirical Software Engineering, vol. 28, no. 5, 118, Springer Science and Business Media LLC, 2023, doi:10.1007/s10664-023-10354-3.","bibtex":"@article{Piskachev_Becker_Bodden_2023, title={Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study}, volume={28}, DOI={10.1007/s10664-023-10354-3}, number={5118}, journal={Empirical Software Engineering}, publisher={Springer Science and Business Media LLC}, author={Piskachev, Goran and Becker, Matthias and Bodden, Eric}, year={2023} }"},"type":"journal_article","year":"2023","_id":"49439","intvolume":" 28","article_number":"118","issue":"5","publisher":"Springer Science and Business Media LLC","author":[{"full_name":"Piskachev, Goran","orcid":"0000-0003-4424-5838","first_name":"Goran","id":"41936","last_name":"Piskachev"},{"id":"4870","last_name":"Becker","orcid":"https://orcid.org/0000-0003-2465-9347","full_name":"Becker, Matthias","first_name":"Matthias"},{"orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","first_name":"Eric","id":"59256","last_name":"Bodden"}],"keyword":["Software"],"publication":"Empirical Software Engineering","volume":28,"status":"public","date_created":"2023-12-04T11:14:34Z","abstract":[{"text":"AbstractThe use of static analysis security testing (SAST) tools has been increasing in recent years. However, previous studies have shown that, when shipped to end users such as development or security teams, the findings of these tools are often unsatisfying. Users report high numbers of false positives or long analysis times, making the tools unusable in the daily workflow. To address this, SAST tool creators provide a wide range of configuration options, such as customization of rules through domain-specific languages or specification of the application-specific analysis scope. In this paper, we study the configuration space of selected existing SAST tools when used within the integrated development environment (IDE). We focus on the configuration options that impact three dimensions, for which a trade-off is unavoidable, i.e., precision, recall, and analysis runtime. We perform a between-subjects user study with 40 users from multiple development and security teams - to our knowledge, the largest population for this kind of user study in the software engineering community. The results show that users who configure SAST tools are more effective in resolving security vulnerabilities detected by the tools than those using the default configuration. Based on post-study interviews, we identify common strategies that users have while configuring the SAST tools to provide further insights for tool creators. Finally, an evaluation of the configuration options of two commercial SAST tools, Fortify and CheckMarx, reveals that a quarter of the users do not understand the configuration options provided. The configuration options that are found most useful relate to the analysis scope.","lang":"eng"}],"user_id":"15249","language":[{"iso":"eng"}],"date_updated":"2023-12-04T11:29:49Z","doi":"10.1007/s10664-023-10354-3","department":[{"_id":"76"},{"_id":"662"}],"publication_identifier":{"issn":["1382-3256","1573-7616"]},"publication_status":"published","title":"Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study"},{"user_id":"49934","title":"Semi-automatic Integrated Safety and Security Analysis for Automotive Systems","publisher":"SCITEPRESS - Science and Technology Publications","author":[{"orcid":"0000-0002-1269-0702","full_name":"Fockel, Markus","first_name":"Markus","id":"8472","last_name":"Fockel"},{"last_name":"Schubert","id":"9106","first_name":"David","full_name":"Schubert, David"},{"first_name":"Roman","full_name":"Trentinaglia, Roman","orcid":"0000-0001-9728-4991","last_name":"Trentinaglia","id":"49934"},{"first_name":"Hannes","full_name":"Schulz, Hannes","last_name":"Schulz"},{"last_name":"Kirmair","full_name":"Kirmair, Wolfgang","first_name":"Wolfgang"}],"publication":"Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development","department":[{"_id":"241"},{"_id":"662"}],"status":"public","date_created":"2022-02-15T08:07:15Z","publication_status":"published","_id":"29847","date_updated":"2022-02-15T08:14:07Z","doi":"10.5220/0010778500003119","language":[{"iso":"eng"}],"type":"conference","year":"2022","citation":{"ieee":"M. Fockel, D. Schubert, R. Trentinaglia, H. Schulz, and W. Kirmair, “Semi-automatic Integrated Safety and Security Analysis for Automotive Systems,” 2022, doi: 10.5220/0010778500003119.","short":"M. Fockel, D. Schubert, R. Trentinaglia, H. Schulz, W. Kirmair, in: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022.","bibtex":"@inproceedings{Fockel_Schubert_Trentinaglia_Schulz_Kirmair_2022, title={Semi-automatic Integrated Safety and Security Analysis for Automotive Systems}, DOI={10.5220/0010778500003119}, booktitle={Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development}, publisher={SCITEPRESS - Science and Technology Publications}, author={Fockel, Markus and Schubert, David and Trentinaglia, Roman and Schulz, Hannes and Kirmair, Wolfgang}, year={2022} }","mla":"Fockel, Markus, et al. “Semi-Automatic Integrated Safety and Security Analysis for Automotive Systems.” Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022, doi:10.5220/0010778500003119.","ama":"Fockel M, Schubert D, Trentinaglia R, Schulz H, Kirmair W. Semi-automatic Integrated Safety and Security Analysis for Automotive Systems. In: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications; 2022. doi:10.5220/0010778500003119","apa":"Fockel, M., Schubert, D., Trentinaglia, R., Schulz, H., & Kirmair, W. (2022). Semi-automatic Integrated Safety and Security Analysis for Automotive Systems. Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. https://doi.org/10.5220/0010778500003119","chicago":"Fockel, Markus, David Schubert, Roman Trentinaglia, Hannes Schulz, and Wolfgang Kirmair. “Semi-Automatic Integrated Safety and Security Analysis for Automotive Systems.” In Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications, 2022. https://doi.org/10.5220/0010778500003119."}},{"type":"conference","citation":{"short":"T. Koch, S. Trippel, S. Dziwok, E. Bodden, in: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022.","ieee":"T. Koch, S. Trippel, S. Dziwok, and E. Bodden, “Integrating Security Protocols in Scenario-based Requirements Specifications,” 2022, doi: 10.5220/0010783300003119.","chicago":"Koch, Thorsten, Sascha Trippel, Stefan Dziwok, and Eric Bodden. “Integrating Security Protocols in Scenario-Based Requirements Specifications.” In Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications, 2022. https://doi.org/10.5220/0010783300003119.","apa":"Koch, T., Trippel, S., Dziwok, S., & Bodden, E. (2022). Integrating Security Protocols in Scenario-based Requirements Specifications. Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. https://doi.org/10.5220/0010783300003119","ama":"Koch T, Trippel S, Dziwok S, Bodden E. Integrating Security Protocols in Scenario-based Requirements Specifications. In: Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development. SCITEPRESS - Science and Technology Publications; 2022. doi:10.5220/0010783300003119","bibtex":"@inproceedings{Koch_Trippel_Dziwok_Bodden_2022, title={Integrating Security Protocols in Scenario-based Requirements Specifications}, DOI={10.5220/0010783300003119}, booktitle={Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development}, publisher={SCITEPRESS - Science and Technology Publications}, author={Koch, Thorsten and Trippel, Sascha and Dziwok, Stefan and Bodden, Eric}, year={2022} }","mla":"Koch, Thorsten, et al. “Integrating Security Protocols in Scenario-Based Requirements Specifications.” Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development, SCITEPRESS - Science and Technology Publications, 2022, doi:10.5220/0010783300003119."},"year":"2022","language":[{"iso":"eng"}],"doi":"10.5220/0010783300003119","date_updated":"2022-02-15T07:48:53Z","_id":"29844","publication_status":"published","date_created":"2022-02-15T07:47:51Z","status":"public","department":[{"_id":"241"},{"_id":"662"}],"publication":"Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development","author":[{"last_name":"Koch","id":"13616","first_name":"Thorsten","full_name":"Koch, Thorsten"},{"full_name":"Trippel, Sascha","first_name":"Sascha","last_name":"Trippel"},{"full_name":"Dziwok, Stefan","orcid":"http://orcid.org/0000-0002-8679-6673","first_name":"Stefan","id":"3901","last_name":"Dziwok"},{"first_name":"Eric","orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","last_name":"Bodden","id":"59256"}],"publisher":"SCITEPRESS - Science and Technology Publications","title":"Integrating Security Protocols in Scenario-based Requirements Specifications","user_id":"13616"},{"user_id":"49934","title":"Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns","date_created":"2022-12-09T08:50:22Z","status":"public","publication_status":"published","department":[{"_id":"241"},{"_id":"662"}],"publication":"Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings","publisher":"ACM","author":[{"full_name":"Trentinaglia, Roman","first_name":"Roman","last_name":"Trentinaglia"}],"doi":"10.1145/3550356.3558508","date_updated":"2022-12-09T08:51:54Z","_id":"34298","year":"2022","type":"conference","citation":{"ieee":"R. Trentinaglia, “Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns,” 2022, doi: 10.1145/3550356.3558508.","short":"R. Trentinaglia, in: Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings, ACM, 2022.","mla":"Trentinaglia, Roman. “Deriving Model-Based Safety and Security Assurance Cases from Design Rationale of Countermeasure Patterns.” Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings, ACM, 2022, doi:10.1145/3550356.3558508.","bibtex":"@inproceedings{Trentinaglia_2022, title={Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns}, DOI={10.1145/3550356.3558508}, booktitle={Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings}, publisher={ACM}, author={Trentinaglia, Roman}, year={2022} }","chicago":"Trentinaglia, Roman. “Deriving Model-Based Safety and Security Assurance Cases from Design Rationale of Countermeasure Patterns.” In Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings. ACM, 2022. https://doi.org/10.1145/3550356.3558508.","apa":"Trentinaglia, R. (2022). Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns. Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings. https://doi.org/10.1145/3550356.3558508","ama":"Trentinaglia R. Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns. In: Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings. ACM; 2022. doi:10.1145/3550356.3558508"}},{"date_updated":"2022-05-05T14:09:41Z","_id":"31071","doi":"10.1007/s10270-022-01002-3","language":[{"iso":"eng"}],"type":"journal_article","citation":{"apa":"Holtmann, J., Deantoni, J., & Fockel, M. (2022). Early timing analysis based on scenario requirements and platform models. Software and Systems Modeling. https://doi.org/10.1007/s10270-022-01002-3","ama":"Holtmann J, Deantoni J, Fockel M. Early timing analysis based on scenario requirements and platform models. Software and Systems Modeling. Published online 2022. doi:10.1007/s10270-022-01002-3","chicago":"Holtmann, Jörg, Julien Deantoni, and Markus Fockel. “Early Timing Analysis Based on Scenario Requirements and Platform Models.” Software and Systems Modeling, 2022. https://doi.org/10.1007/s10270-022-01002-3.","mla":"Holtmann, Jörg, et al. “Early Timing Analysis Based on Scenario Requirements and Platform Models.” Software and Systems Modeling, Springer Science and Business Media LLC, 2022, doi:10.1007/s10270-022-01002-3.","bibtex":"@article{Holtmann_Deantoni_Fockel_2022, title={Early timing analysis based on scenario requirements and platform models}, DOI={10.1007/s10270-022-01002-3}, journal={Software and Systems Modeling}, publisher={Springer Science and Business Media LLC}, author={Holtmann, Jörg and Deantoni, Julien and Fockel, Markus}, year={2022} }","short":"J. Holtmann, J. Deantoni, M. Fockel, Software and Systems Modeling (2022).","ieee":"J. Holtmann, J. Deantoni, and M. Fockel, “Early timing analysis based on scenario requirements and platform models,” Software and Systems Modeling, 2022, doi: 10.1007/s10270-022-01002-3."},"year":"2022","abstract":[{"text":"Distributed, software-intensive systems (e.g., in the automotive sector) must fulfill communication requirements under hard real-time constraints. The requirements have to be documented and validated carefully using a systematic requirements engineering (RE) approach, for example, by applying scenario-based requirements notations. The resources of the execution platforms and their properties (e.g., CPU frequency or bus throughput) induce effects on the timing behavior, which may lead to violations of the real-time requirements. Nowadays, the platform properties and their induced timing effects are verified against the real-time requirements by means of timing analysis techniques mostly implemented in commercial-off-the-shelf tools. However, such timing analyses are conducted in late development phases since they rely on artifacts produced during these phases (e.g., the platform-specific code). In order to enable early timing analyses already during RE, we extend a scenario-based requirements notation with allocation means to platform models and define operational semantics for the purpose of simulation-based, platform-aware timing analyses. We illustrate and evaluate the approach with an automotive software-intensive system.","lang":"eng"}],"user_id":"8472","title":"Early timing analysis based on scenario requirements and platform models","department":[{"_id":"241"},{"_id":"662"}],"keyword":["Modeling and Simulation","Software"],"publication":"Software and Systems Modeling","publisher":"Springer Science and Business Media LLC","author":[{"first_name":"Jörg","full_name":"Holtmann, Jörg","orcid":"0000-0001-6141-4571","last_name":"Holtmann","id":"3875"},{"last_name":"Deantoni","full_name":"Deantoni, Julien","first_name":"Julien"},{"last_name":"Fockel","id":"8472","first_name":"Markus","orcid":"0000-0002-1269-0702","full_name":"Fockel, Markus"}],"date_created":"2022-05-05T14:05:32Z","status":"public","publication_identifier":{"issn":["1619-1366","1619-1374"]},"publication_status":"published"},{"title":"Fluently specifying taint-flow queries with fluentTQL","user_id":"15249","publication":"Empirical Software Engineering","department":[{"_id":"76"},{"_id":"662"}],"publisher":"Springer","author":[{"last_name":"Piskachev","id":"41936","first_name":"Goran","full_name":"Piskachev, Goran","orcid":"0000-0003-4424-5838"},{"first_name":"Johannes","full_name":"Späth, Johannes","last_name":"Späth"},{"id":"13693","last_name":"Budde","full_name":"Budde, Ingo","orcid":"https://orcid.org/0000-0003-0124-6291","first_name":"Ingo"},{"orcid":"0000-0003-3470-3647","full_name":"Bodden, Eric","first_name":"Eric","id":"59256","last_name":"Bodden"}],"volume":27,"date_created":"2022-10-20T12:34:04Z","status":"public","intvolume":" 27","_id":"33836","date_updated":"2022-10-20T12:36:23Z","issue":"5","page":"1–33","type":"journal_article","citation":{"ieee":"G. Piskachev, J. Späth, I. Budde, and E. Bodden, “Fluently specifying taint-flow queries with fluentTQL,” Empirical Software Engineering, vol. 27, no. 5, pp. 1–33, 2022.","short":"G. Piskachev, J. Späth, I. Budde, E. Bodden, Empirical Software Engineering 27 (2022) 1–33.","bibtex":"@article{Piskachev_Späth_Budde_Bodden_2022, title={Fluently specifying taint-flow queries with fluentTQL}, volume={27}, number={5}, journal={Empirical Software Engineering}, publisher={Springer}, author={Piskachev, Goran and Späth, Johannes and Budde, Ingo and Bodden, Eric}, year={2022}, pages={1–33} }","mla":"Piskachev, Goran, et al. “Fluently Specifying Taint-Flow Queries with FluentTQL.” Empirical Software Engineering, vol. 27, no. 5, Springer, 2022, pp. 1–33.","chicago":"Piskachev, Goran, Johannes Späth, Ingo Budde, and Eric Bodden. “Fluently Specifying Taint-Flow Queries with FluentTQL.” Empirical Software Engineering 27, no. 5 (2022): 1–33.","apa":"Piskachev, G., Späth, J., Budde, I., & Bodden, E. (2022). Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering, 27(5), 1–33.","ama":"Piskachev G, Späth J, Budde I, Bodden E. Fluently specifying taint-flow queries with fluentTQL. Empirical Software Engineering. 2022;27(5):1–33."},"year":"2022","language":[{"iso":"eng"}]},{"user_id":"15249","title":"To what extent can we analyze Kotlin programs using existing Java taint analysis tools?","status":"public","date_created":"2022-10-20T12:38:09Z","author":[{"last_name":"Krishnamurthy","id":"78060","first_name":"Ranjith","orcid":"0000-0002-0906-5463","full_name":"Krishnamurthy, Ranjith"},{"last_name":"Piskachev","id":"41936","first_name":"Goran","orcid":"0000-0003-4424-5838","full_name":"Piskachev, Goran"},{"last_name":"Bodden","id":"59256","first_name":"Eric","full_name":"Bodden, Eric","orcid":"0000-0003-3470-3647"}],"department":[{"_id":"76"},{"_id":"662"}],"_id":"33838","date_updated":"2022-10-20T12:38:32Z","language":[{"iso":"eng"}],"type":"conference","citation":{"chicago":"Krishnamurthy, Ranjith, Goran Piskachev, and Eric Bodden. “To What Extent Can We Analyze Kotlin Programs Using Existing Java Taint Analysis Tools?” IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), 2022.","ama":"Krishnamurthy R, Piskachev G, Bodden E. To what extent can we analyze Kotlin programs using existing Java taint analysis tools? Published online 2022.","apa":"Krishnamurthy, R., Piskachev, G., & Bodden, E. (2022). To what extent can we analyze Kotlin programs using existing Java taint analysis tools?","bibtex":"@article{Krishnamurthy_Piskachev_Bodden_2022, series={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)}, title={To what extent can we analyze Kotlin programs using existing Java taint analysis tools?}, author={Krishnamurthy, Ranjith and Piskachev, Goran and Bodden, Eric}, year={2022}, collection={IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)} }","mla":"Krishnamurthy, Ranjith, et al. To What Extent Can We Analyze Kotlin Programs Using Existing Java Taint Analysis Tools? 2022.","short":"R. Krishnamurthy, G. Piskachev, E. Bodden, (2022).","ieee":"R. Krishnamurthy, G. Piskachev, and E. Bodden, “To what extent can we analyze Kotlin programs using existing Java taint analysis tools?” 2022."},"year":"2022","series_title":"IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM)"},{"language":[{"iso":"eng"}],"type":"conference","citation":{"ieee":"G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, and E. Bodden, “How far are German companies in improving security through static program analysis tools?” 2022.","short":"G. Piskachev, S. Dziwok, T. Koch, S. Merschjohann, E. Bodden, (2022).","bibtex":"@article{Piskachev_Dziwok_Koch_Merschjohann_Bodden_2022, series={IEEE Secure Development Conference (SecDev)}, title={How far are German companies in improving security through static program analysis tools?}, author={Piskachev, Goran and Dziwok, Stefan and Koch, Thorsten and Merschjohann, Sven and Bodden, Eric}, year={2022}, collection={IEEE Secure Development Conference (SecDev)} }","mla":"Piskachev, Goran, et al. How Far Are German Companies in Improving Security through Static Program Analysis Tools? 2022.","ama":"Piskachev G, Dziwok S, Koch T, Merschjohann S, Bodden E. How far are German companies in improving security through static program analysis tools? Published online 2022.","apa":"Piskachev, G., Dziwok, S., Koch, T., Merschjohann, S., & Bodden, E. (2022). How far are German companies in improving security through static program analysis tools?","chicago":"Piskachev, Goran, Stefan Dziwok, Thorsten Koch, Sven Merschjohann, and Eric Bodden. “How Far Are German Companies in Improving Security through Static Program Analysis Tools?” IEEE Secure Development Conference (SecDev), 2022."},"year":"2022","series_title":"IEEE Secure Development Conference (SecDev)","_id":"33837","date_updated":"2022-10-20T12:37:44Z","status":"public","date_created":"2022-10-20T12:37:14Z","author":[{"orcid":"0000-0003-4424-5838","full_name":"Piskachev, Goran","first_name":"Goran","id":"41936","last_name":"Piskachev"},{"last_name":"Dziwok","id":"3901","first_name":"Stefan","orcid":"http://orcid.org/0000-0002-8679-6673","full_name":"Dziwok, Stefan"},{"last_name":"Koch","id":"13616","first_name":"Thorsten","full_name":"Koch, Thorsten"},{"last_name":"Merschjohann","id":"11394","first_name":"Sven","full_name":"Merschjohann, Sven"},{"first_name":"Eric","full_name":"Bodden, Eric","orcid":"0000-0003-3470-3647","last_name":"Bodden","id":"59256"}],"department":[{"_id":"76"},{"_id":"662"}],"user_id":"15249","title":"How far are German companies in improving security through static program analysis tools?"}]