English
Related papers

Related papers: Impact assessment for vulnerabilities in open-sour…

200 papers

In this paper, we study how object-oriented classes are used across thousands of software packages. We concentrate on "usage diversity'", defined as the different statically observable combinations of methods called on the same object. We…

Software Engineering · Computer Science 2018-07-06 Diego Mendez , Benoit Baudry , Martin Monperrus

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

Software Engineering · Computer Science 2023-06-21 Triet H. M. Le

Automated tests play an important role in software evolution because they can rapidly detect faults introduced during changes. In practice, code-coverage metrics are often used as criteria to evaluate the effectiveness of test suites with…

Software Engineering · Computer Science 2016-11-23 Rainer Niedermayr , Elmar Juergens , Stefan Wagner

Open Source Software (OSS) often relies on large repositories, like SourceForge, for initial incubation. The OSS repositories offer a large variety of meta-data providing interesting information about projects and their success. In this…

Software Engineering · Computer Science 2009-05-01 George Tsatsaronis , Maria Halkidi , Emmanouel A. Giakoumakis

With the increasing usage of open-source software (OSS) components, vulnerabilities embedded within them are propagated to a huge number of underlying applications. In practice, the timely application of security patches in downstream…

Cryptography and Security · Computer Science 2023-01-09 Xinda Wang , Shu Wang , Pengbin Feng , Kun Sun , Sushil Jajodia , Sanae Benchaaboun , Frank Geck

Developing automated and smart software vulnerability detection models has been receiving great attention from both research and development communities. One of the biggest challenges in this area is the lack of code samples for all…

Software Engineering · Computer Science 2023-03-14 Khadija Hanifi , Ramin F Fouladi , Basak Gencer Unsalver , Goksu Karadag

Software intensively depends on external libraries whose relevance may change during its life cycle. As a consequence, software developers must periodically reconsider the libraries they depend on, and must think about \textit{library…

Software Engineering · Computer Science 2013-06-27 Cédric Teyton , Jean-Rémy Falleri , Marc Palyart , Xavier Blanc

In spite of the growing importance of software security and the industry demand for more cyber security expertise in the workforce, the effect of security education and experience on the ability to assess complex software security problems…

Computers and Society · Computer Science 2018-08-21 Luca Allodi , Marco Cremonini , Fabio Massacci , Woohyun Shim

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Accurately assessing software vulnerabilities is essential for effective prioritization and remediation. While various scoring systems exist to support this task, their differing goals, methodologies and outputs often lead to inconsistent…

Cryptography and Security · Computer Science 2025-08-20 Viktoria Koscinski , Mark Nelson , Ahmet Okutan , Robert Falso , Mehdi Mirakhorli

The sustainability of open source software (OSS) projects hinges on contributor retention. Interpersonal challenges can inhibit a feeling of welcomeness among contributors, particularly from underrepresented groups, which impacts their…

Software Engineering · Computer Science 2024-11-05 Bianca Trinkenreich , Zixuan Feng , Rudrajit Choudhuri , Marco Gerosa , Anita Sarma , Igor Steinmacher

Reusing software libraries is a pillar of modern software engineering. In 2022, the average Java application depends on 40 third-party libraries. Relying on such libraries exposes a project to potential vulnerabilities and may put an…

Software Engineering · Computer Science 2023-01-20 Amir M. Mir , Mehdi Keshani , Sebastian Proksch

One single code change can significantly influence a wide range of software systems and their users. For example, 1) adding a new feature can spread defects in several modules, while 2) changing an API method can improve the performance of…

Software Engineering · Computer Science 2016-06-13 Daoyuan Li , Li Li , Dongsun Kim , Tegawendé F. Bissyandé , David Lo , Yves Le Traon

Software has the potential to be a key driver in fostering sustainability. Despite this potential, it is not clear if and how the software industry integrates consideration of sustainability into its common software development processes.…

Software Engineering · Computer Science 2024-07-25 Shola Oyedeji , Ruzanna Chitchyan , Mikhail Ola Adisa , Hatef Shamshiri

The rapid and widespread adoption of Java has created a demand for reliable and reusable mathematical software components to support the growing number of compute-intensive applications now under development, particularly in science and…

Mathematical Software · Computer Science 2007-05-23 Ronald F. Boisvert , Jack J. Dongarra , Roldan Pozo , Karin Remington , G. W. Stewart

Computational research and data analytics increasingly relies on complex ecosystems of open source software (OSS) "libraries" -- curated collections of reusable code that programmers import to perform a specific task. Software documentation…

Computers and Society · Computer Science 2018-06-01 R. Stuart Geiger , Nelle Varoquaux , Charlotte Mazel-Cabasse , Chris Holdgraf

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in…

Most frameworks for assessing the openness of AI systems use narrow criteria such as availability of data, model, code, documentation, and licensing terms. However, to evaluate whether the intended effects of openness - such as…

Computers and Society · Computer Science 2025-10-14 Tamara Paris , Shalaleh Rismani

Identifying which software versions are affected by a vulnerability is critical for patching, risk mitigation. Despite a growing body of tools, their real-world effectiveness remains unclear due to narrow evaluation scopes often limited to…

Software Engineering · Computer Science 2025-09-10 Xingchu Chen , Chengwei Liu , Jialun Cao , Yang Xiao , Xinyue Cai , Yeting Li , Jingyi Shi , Tianqi Sun , Haiming Chen ang Wei Huo

Motivation: Code understandability is crucial in software development, as developers spend 58% to 70% of their time reading source code. Improving it can improve productivity and reduce maintenance costs. Problem: Experimental studies often…

Software Engineering · Computer Science 2024-11-13 Delano Oliveira , Reydne Santos , Benedito de Oliveira , Martin Monperrus , Fernando Castor , Fernanda Madeiral