English
Related papers

Related papers: SAIC: Identifying Configuration Files for System C…

200 papers

Bug tracking systems store many bug reports, some of which are related to security. Identifying those security bug reports (SBRs) may help us predict some security-related bugs and solve security issues promptly so that the project can…

Cryptography and Security · Computer Science 2024-01-23 Y. Liao , T. Zhang

The availability of debug information for optimized executables can largely ease crucial tasks such as crash analysis. Source-level debuggers use this information to display program state in terms of source code, allowing users to reason on…

Programming Languages · Computer Science 2022-11-18 Cristian Assaiante , Daniele Cono D'Elia , Giuseppe Antonio Di Luna , Leonardo Querzoni

Continuous Integration and Continuous Delivery (CI/CD) is a well-established practice that automatically builds, tests, packages, and deploys software systems. To adopt CI/CD, software developers need to configure their projects using…

Software Engineering · Computer Science 2025-05-20 Taher A. Ghaleb , Osamah Abduljalil , Safwat Hassan

Software defects are a major threat to the reliability of computer systems. The literature shows that more than 30% of bug reports submitted in large software projects are misclassified (i.e., are feature requests, or mistakes made by the…

Software Engineering · Computer Science 2025-03-04 Renato Andrade , César Teixeira , Nuno Laranjeiro , Marco Vieira

Software bugs significantly contribute to software cost and increase the risk of system malfunctioning. In recent years, many automated program-repair approaches have been proposed to automatically fix undesired program behavior. Despite of…

Software Engineering · Computer Science 2021-07-19 Dirk Beyer , Lars Grunske , Thomas Lemberger , Minxing Tang

Over the past three decades, considerable effort has been devoted to the study of software architecture. A major portion of this effort has focused on the originally proposed view of four "C"s---components, connectors, configurations, and…

Software Engineering · Computer Science 2017-04-18 Arman Shahbazian , Youn Kyu Lee , Duc Le , Nenad Medvidovic

A crucial activity in software maintenance and evolution is the comprehension of the changes performed by developers, when they submit a pull request and/or perform a commit on the repository. Typically, code changes are represented in the…

Software Engineering · Computer Science 2025-02-26 Lei Chen , Michele Lanza , Shinpei Hayashi

Context: Conflicts between software requirements bring uncertainties to product development. Some great approaches have been proposed to identify these conflicts. However, they usually require the software requirements represented with…

Software Engineering · Computer Science 2021-03-04 Weize Guo , Li Zhang , Xiaoli Lian

Software repositories such as Git have become a relevant source of information for software engineer researcher. For instance, the detection of Commits that fulfill a given criterion (e.g., bugfixing commits) is one of the most frequent…

Software Engineering · Computer Science 2019-06-11 Matias Martinez , Martin Monperrus

Security misconfigurations in Container Orchestrators (COs) can pose serious threats to software systems. While Static Analysis Tools (SATs) can effectively detect these security vulnerabilities, the industry currently lacks automated…

Software Engineering · Computer Science 2025-02-05 Ziyang Ye , Triet Huynh Minh Le , M. Ali Babar

Insecure default values in software settings can be exploited by attackers to compromise the system that runs the software. As a countermeasure, there exist security-configuration guides specifying in detail which values are secure.…

Software Engineering · Computer Science 2023-08-03 Patrick Stöckle , Michael Sammereier , Bernd Grobauer , Alexander Pretschner

Statistical fault localization is an easily deployed technique for quickly determining candidates for faulty code locations. If a human programmer has to search the fault beyond the top candidate locations, though, more traditional…

Software Engineering · Computer Science 2021-01-11 Ezekiel Soremekun , Lukas Kirschner , Marcel Böhme , Andreas Zeller

Background. Developers use Automated Static Analysis Tools (ASATs) to control for potential quality issues in source code, including defects and technical debt. Tool vendors have devised quite a number of tools, which makes it harder for…

Software Engineering · Computer Science 2021-01-25 Valentina Lenarduzzi , Savanna Lujan , Nyyti Saarimaki , Fabio Palomba

Software composition analysis (SCA) denotes the process of identifying open-source software components in an input software application. SCA has been extensively developed and adopted by academia and industry. However, we notice that the…

Software Engineering · Computer Science 2024-12-03 Huaijin Wang , Zhibo Liu , Yanbo Dai , Shuai Wang , Qiyi Tang , Sen Nie , Shi Wu

Developers use logging statements to track software runtime behaviors and system status. Yet, unclear or misleading logs can hide true execution patterns and hinder software maintenance. Current research on logging statement issues is…

Software Engineering · Computer Science 2025-04-23 Renyi Zhong , Yichen Li , Jinxi Kuang , Wenwei Gu , Yintong Huo , Michael R. Lyu

A critical part of creating code suggestion systems is the pre-training of Large Language Models on vast amounts of source code and natural language text, often of questionable origin or quality. This may contribute to the presence of bugs…

Software Engineering · Computer Science 2025-06-23 Mahmoud Jahanshahi , Audris Mockus

The article proposes a model for the configuration management of open systems. The model aims at validation of configurations against given specifications. An extension of decision graphs is proposed to express specifications. The proposed…

Software Engineering · Computer Science 2010-11-25 Roberto Barbuti , Giovanni A. Cignoni , Paolo Milazzo

Diagnostic data such as logs and memory dumps from production systems are often shared with development teams to do root cause analysis of system crashes. Invariably such diagnostic data contains sensitive information and sharing it can…

Cryptography and Security · Computer Science 2021-09-09 Akshar Kaul , Manish Kesarwani , Hong Min , Qi Zhang

[Context] The use of defect prediction models, such as classifiers, can support testing resource allocations by using data of the previous releases of the same project for predicting which software components are likely to be defective. A…

Software Engineering · Computer Science 2020-08-03 Davide Falessi , Jacky Huang , Likhita Narayana , Jennifer Fong Thai , Burak Turhan

Safety-critical system's failure or malfunction can cause loss of human lives or damage to the physical environment; therefore, continuous safety assessment is crucial for such systems. In many domains this includes the use of Safety…

Software Engineering · Computer Science 2023-07-17 Ankit Agrawal , Jane Cleland-Huang