{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:6DIDAW655VFI32LMWWI4P4KAOM","short_pith_number":"pith:6DIDAW65","canonical_record":{"source":{"id":"1611.07067","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2016-11-21T21:28:21Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"0fb14ddf4e0c4ca50b4945d708aabca9b170dbc41e575b446f8d12e8eed577dc","abstract_canon_sha256":"db597628b284c643c7319fab99c687164dcdaf116288c99d548459fd7366611c"},"schema_version":"1.0"},"canonical_sha256":"f0d0305bdded4a8de96cb591c7f14073166f7acbd740b0ac36247adf544ef3ea","source":{"kind":"arxiv","id":"1611.07067","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07067","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07067v1","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07067","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"pith_short_12","alias_value":"6DIDAW655VFI","created_at":"2026-05-18T12:30:01Z"},{"alias_kind":"pith_short_16","alias_value":"6DIDAW655VFI32LM","created_at":"2026-05-18T12:30:01Z"},{"alias_kind":"pith_short_8","alias_value":"6DIDAW65","created_at":"2026-05-18T12:30:01Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:6DIDAW655VFI32LMWWI4P4KAOM","target":"record","payload":{"canonical_record":{"source":{"id":"1611.07067","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2016-11-21T21:28:21Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"0fb14ddf4e0c4ca50b4945d708aabca9b170dbc41e575b446f8d12e8eed577dc","abstract_canon_sha256":"db597628b284c643c7319fab99c687164dcdaf116288c99d548459fd7366611c"},"schema_version":"1.0"},"canonical_sha256":"f0d0305bdded4a8de96cb591c7f14073166f7acbd740b0ac36247adf544ef3ea","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:56:44.903537Z","signature_b64":"XASgrKfVvIf2BzoQt62TuNhlo/dbWneF+4ymfu+TgUmfBOnp9KhI0Sl7oNN/Ne862vrC5axisQlXmdwBWSyoBQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"f0d0305bdded4a8de96cb591c7f14073166f7acbd740b0ac36247adf544ef3ea","last_reissued_at":"2026-05-18T00:56:44.903055Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:56:44.903055Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1611.07067","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:56:44Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"lAc1ikEQDY2nqQGlL3QIx/ZDz5OQAOKb1GUeb/0b6GwU5JybxMtze+dPBD5pvOnMy1B7ZgUaM82MXGKa/hWMAQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T23:01:52.582495Z"},"content_sha256":"b793a65c97e38e1871738b009cf361bf6dd04bce619eb7548e9d459aa1f1f6f2","schema_version":"1.0","event_id":"sha256:b793a65c97e38e1871738b009cf361bf6dd04bce619eb7548e9d459aa1f1f6f2"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:6DIDAW655VFI32LMWWI4P4KAOM","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"The Use of Application Scanners in Software Product Quality Assessment","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR"],"primary_cat":"cs.SE","authors_text":"Stefan Wagner","submitted_at":"2016-11-21T21:28:21Z","abstract_excerpt":"Software development needs continuous quality control for a timely detection and removal of quality problems. This includes frequent quality assessments, which need to be automated as far as possible to be feasible. One way of automation in assessing the security of software are application scanners that test an executing software for vulnerabilities. At present, common quality assessments do not integrate such scanners for giving an overall quality statement. This paper presents an integration of application scanners into a general quality assessment method based on explicit quality models an"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07067","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:56:44Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"tJuXOb6qlyt7bomF58UCyoIN8xRZEa8hGetXiPnIMDgMfH7HL7e4WaBYLMqwNYcXvaO7x3bFew3wWDB/m+sHDw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-01T23:01:52.582848Z"},"content_sha256":"63d737a6b3bee1bfd4950d7a108e36a1430f82ba76f7d3596bfc2cb0144edfa9","schema_version":"1.0","event_id":"sha256:63d737a6b3bee1bfd4950d7a108e36a1430f82ba76f7d3596bfc2cb0144edfa9"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/6DIDAW655VFI32LMWWI4P4KAOM/bundle.json","state_url":"https://pith.science/pith/6DIDAW655VFI32LMWWI4P4KAOM/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/6DIDAW655VFI32LMWWI4P4KAOM/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-01T23:01:52Z","links":{"resolver":"https://pith.science/pith/6DIDAW655VFI32LMWWI4P4KAOM","bundle":"https://pith.science/pith/6DIDAW655VFI32LMWWI4P4KAOM/bundle.json","state":"https://pith.science/pith/6DIDAW655VFI32LMWWI4P4KAOM/state.json","well_known_bundle":"https://pith.science/.well-known/pith/6DIDAW655VFI32LMWWI4P4KAOM/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:6DIDAW655VFI32LMWWI4P4KAOM","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"db597628b284c643c7319fab99c687164dcdaf116288c99d548459fd7366611c","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2016-11-21T21:28:21Z","title_canon_sha256":"0fb14ddf4e0c4ca50b4945d708aabca9b170dbc41e575b446f8d12e8eed577dc"},"schema_version":"1.0","source":{"id":"1611.07067","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1611.07067","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"arxiv_version","alias_value":"1611.07067v1","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1611.07067","created_at":"2026-05-18T00:56:44Z"},{"alias_kind":"pith_short_12","alias_value":"6DIDAW655VFI","created_at":"2026-05-18T12:30:01Z"},{"alias_kind":"pith_short_16","alias_value":"6DIDAW655VFI32LM","created_at":"2026-05-18T12:30:01Z"},{"alias_kind":"pith_short_8","alias_value":"6DIDAW65","created_at":"2026-05-18T12:30:01Z"}],"graph_snapshots":[{"event_id":"sha256:63d737a6b3bee1bfd4950d7a108e36a1430f82ba76f7d3596bfc2cb0144edfa9","target":"graph","created_at":"2026-05-18T00:56:44Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Software development needs continuous quality control for a timely detection and removal of quality problems. This includes frequent quality assessments, which need to be automated as far as possible to be feasible. One way of automation in assessing the security of software are application scanners that test an executing software for vulnerabilities. At present, common quality assessments do not integrate such scanners for giving an overall quality statement. This paper presents an integration of application scanners into a general quality assessment method based on explicit quality models an","authors_text":"Stefan Wagner","cross_cats":["cs.CR"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2016-11-21T21:28:21Z","title":"The Use of Application Scanners in Software Product Quality Assessment"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1611.07067","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:b793a65c97e38e1871738b009cf361bf6dd04bce619eb7548e9d459aa1f1f6f2","target":"record","created_at":"2026-05-18T00:56:44Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"db597628b284c643c7319fab99c687164dcdaf116288c99d548459fd7366611c","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2016-11-21T21:28:21Z","title_canon_sha256":"0fb14ddf4e0c4ca50b4945d708aabca9b170dbc41e575b446f8d12e8eed577dc"},"schema_version":"1.0","source":{"id":"1611.07067","kind":"arxiv","version":1}},"canonical_sha256":"f0d0305bdded4a8de96cb591c7f14073166f7acbd740b0ac36247adf544ef3ea","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"f0d0305bdded4a8de96cb591c7f14073166f7acbd740b0ac36247adf544ef3ea","first_computed_at":"2026-05-18T00:56:44.903055Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:56:44.903055Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"XASgrKfVvIf2BzoQt62TuNhlo/dbWneF+4ymfu+TgUmfBOnp9KhI0Sl7oNN/Ne862vrC5axisQlXmdwBWSyoBQ==","signature_status":"signed_v1","signed_at":"2026-05-18T00:56:44.903537Z","signed_message":"canonical_sha256_bytes"},"source_id":"1611.07067","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:b793a65c97e38e1871738b009cf361bf6dd04bce619eb7548e9d459aa1f1f6f2","sha256:63d737a6b3bee1bfd4950d7a108e36a1430f82ba76f7d3596bfc2cb0144edfa9"],"state_sha256":"9406894a9e92919d97c292db0736cd6c61ae6c2e8d500ef67441c5e440446dbb"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ItvGVBYDctDCIbbOBzuZxJZxC1YfHKZXLHC1A7OcTWWGB1sjDDmXX0lTbHOr+SmNEkTFpH0WwMaHHSQ4tKA3Bw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-01T23:01:52.585013Z","bundle_sha256":"804336aaf45be860407261ece0ec36f27ec28957520e9b6ad0e793bedc54ef40"}}