English

Position: How Regulation Will Change Software Security Research

Software Engineering 2024-06-07 v1

Abstract

Software security has been an important research topic over the years. The community has proposed processes and tools for secure software development and security analysis. However, a significant number of vulnerabilities remains in real-world software-driven systems and products. To alleviate this problem, legislation is being established to oblige manufacturers, for example, to comply with essential security requirements and to establish appropriate development practices. We argue that software engineering research needs to provide better tools and support that helps industry comply with the new standards while retaining effcient processes. We argue for a stronger cooperation between legal scholars and computer scientists, and for bridging the gap between higher-level regulation and code-level engineering.

Keywords

Cite

@article{arxiv.2406.04152,
  title  = {Position: How Regulation Will Change Software Security Research},
  author = {Steven Arzt and Linda Schreiber and Dominik Appelt},
  journal= {arXiv preprint arXiv:2406.04152},
  year   = {2024}
}

Comments

5 pages, submitted to SE2023 workshop at FSE 2024

R2 v1 2026-06-28T16:56:00.917Z