English
Related papers

Related papers: Finding Security Threats That Matter: An Industria…

200 papers

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

In order to optimize the usage of testing efforts and to assess risks of software-based systems, risk-based testing uses risk (re-)assessments to steer all phases in a test process. Several risk-based testing approaches have been proposed…

Software Engineering · Computer Science 2018-01-23 Michael Felderer , Juergen Grossmann , Ina Schieferdecker

Machine learning (ML) components are increasingly integrated into software products, yet their complexity and inherent uncertainty often lead to unintended and hazardous consequences, both for individuals and society at large. Despite these…

Software Engineering · Computer Science 2025-09-15 Yining Hong , Christopher S. Timperley , Christian Kästner

Although agile software development methods have caught the attention of software engineers and researchers worldwide, scientific research still remains quite scarce. The aim of this study is to order and make sense of the different agile…

Software Engineering · Computer Science 2019-03-27 Pekka Abrahamsson , Nilay Oza , Mikko T. Siponen

Searching for clues, gathering evidence, and reviewing case files are all techniques used by criminal investigators to draw sound conclusions and avoid wrongful convictions. Similarly, in software engineering (SE) research, we can develop…

Software Engineering · Computer Science 2023-09-19 Marvin Muñoz Barón , Marvin Wyrich , Daniel Graziotin , Stefan Wagner

Background: Organizations are experiencing an increasing demand for security-by-design activities (e.g., STRIDE analyses) which require a high manual effort. This situation is worsened by the current lack of diverse (and sufficient)…

Software Engineering · Computer Science 2022-08-03 Katja Tuma , Winnie Mbaka

Experimentation is an essential method for causal inference in any empirical discipline. Crossover-design experiments are common in Software Engineering (SE) research. In these, subjects apply more than one treatment in different orders.…

Software Engineering · Computer Science 2025-01-08 Julian Frattini , Davide Fucci , Sira Vegas

Hazard and impact analysis is an indispensable task during the specification and development of safety-critical technical systems, and particularly of their software-intensive control parts. There is a lack of methods supporting an…

Software Engineering · Computer Science 2015-12-10 Sonila Dobi , Mario Gleirscher , Maria Spichkova , Peter Struss

Industrial Internet of Things (IIoT) application provide a whole new set of possibilities to drive efficiency of industrial production forward. However, with the higher degree of integration among systems, comes a plethora of newthreats to…

Cryptography and Security · Computer Science 2019-11-18 Stefan Marksteiner , Rudolf Ramler , Hannes Sochor

Context: Safety analysis is a predominant activity in developing safety-critical systems. It is a highly cooperative task among multiple functional departments due to increasingly sophisticated safety-critical systems and close-knit…

Software Engineering · Computer Science 2019-04-12 Yang Wang , Daniel Graziotin , Stefan Kriso , Stefan Wagner

There is a growing body of research indicating the potential of machine learning to tackle complex software testing challenges. One such challenge pertains to continuous integration testing, which is highly time-constrained, and generates a…

Software Engineering · Computer Science 2022-04-26 Dusica Marijan

For computer software, our security models, policies, mechanisms, and means of assurance were primarily conceived and developed before the end of the 1970's. However, since that time, software has changed radically: it is thousands of times…

Cryptography and Security · Computer Science 2016-11-15 Úlfar Erlingsson

Research in information security has generally focused on providing a comprehensive interpretation of threats, vulnerabilities, and attacks, in particular to evaluate their danger and prioritize responses accordingly. Most of the current…

Cryptography and Security · Computer Science 2014-11-04 Gustavo Gonzalez-Granadillo , Christophe Ponchel , Gregory Blanc , Hervé Debar

Provenance-based Intrusion Detection Systems (PIDSes) have been widely used to detect Advanced Persistent Threats (APTs). Although many studies achieve high performance in the evaluations of their original papers, their performance in…

Cryptography and Security · Computer Science 2026-03-25 Yue Xiao , Ling Jiang , Sen Nie , Ding Li , Shi Wu , Ke Xu , Qi Li

In the last decades, agile methods had a huge impact on how software is developed. In many cases, this has led to significant benefits, such as quality and speed of software deliveries to customers. However, safety-critical systems have…

Software Engineering · Computer Science 2018-08-06 Rashidah Kasauli , Eric Knauss , Benjamin Kanagwa , Agneta Nilsson , Gul Calikli

Reports and press releases highlight that security incidents continue to plague organizations. While researchers and practitioners' alike endeavor to identify and implement realistic security solutions to prevent incidents from occurring,…

Cryptography and Security · Computer Science 2017-06-22 George Grispos , William Bradley Glisson , David Bourrie , Tim Storer , Stacy Miller

Agile methodologies have gained significant traction in the software development industry, promising increased flexibility and responsiveness to changing requirements. However, their applicability to safety-critical systems, particularly in…

Software Engineering · Computer Science 2024-09-20 Mehrnoosh Askarpour , Sahar Kokaly , Ramesh S

Reliability prediction is crucial for ensuring the safety and security of software systems, especially in the context of industry practices. While various metrics and measurements are employed to assess software reliability, the complexity…

Software Engineering · Computer Science 2025-07-29 Dapeng Yan , Wenjie Yang , Kui Liu , Zhiming Liu , Zhikuang Cai

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality…

Software Engineering · Computer Science 2020-09-09 Hugo Villamizar , Marcos Kalinowski , Alessandro Garcia , Daniel Mendez Fernández

Background: Static Application Security Testing (SAST) tools purport to assist developers in detecting security issues in source code. These tools typically use rule-based approaches to scan source code for security vulnerabilities.…

Software Engineering · Computer Science 2021-07-19 Roland Croft , Dominic Newlands , Ziyu Chen , M. Ali Babar