Identifying the implied: Findings from three differentiated replications on the use of security requirements templates.