English
Related papers

Related papers: Finding Security Threats That Matter: An Industria…

200 papers

In recent years, the number of cyber attacks has grown rapidly. An effective way to reduce the attack surface and protect software is adoption of methodologies that apply security at each step of the software development lifecycle. While…

Cryptography and Security · Computer Science 2023-07-06 Arina Kudriavtseva , Olga Gadyatskaya

Reviewing source code from a security perspective has proven to be a difficult task. Indeed, previous research has shown that developers often miss even popular and easy-to-detect vulnerabilities during code review. Initial evidence…

Software Engineering · Computer Science 2022-02-15 Larissa Braz , Christian Aeberhard , Gül Çalikli , Alberto Bacchelli

Human error research on overconfidence supports the benefits of early visibility of defects and disciplined development. If risk to the enterprise is to be reduced, individuals need to become aware of the reality of the quality of their…

Human-Computer Interaction · Computer Science 2008-03-25 Patrick O'Beirne

When writing software code, developers typically prioritise functionality over security, either consciously or unconsciously through biases and heuristics. This is often attributed to tangible pressures such as client requirements, but…

Software Engineering · Computer Science 2022-05-10 Matthew Ivory

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

Advances in machine learning (ML) in recent years have enabled a dizzying array of applications such as data analytics, autonomous systems, and security diagnostics. ML is now pervasive---new systems and models are being deployed in every…

Cryptography and Security · Computer Science 2016-11-14 Nicolas Papernot , Patrick McDaniel , Arunesh Sinha , Michael Wellman

Frontier AI systems are being adopted across Africa, yet most AI safety evaluations are designed and validated in Western environments. In this paper, we argue that the portability gap can leave Africa-centric pathways to severe harm…

Considering the ever-evolving threat landscape and rapid changes in software development, we propose a risk assessment framework called SAFER (Software Analysis Framework for Evaluating Risk). This framework is based on the necessity of a…

Software Engineering · Computer Science 2024-12-25 Sarah Ali Siddiqui , Chandra Thapa , Rayne Holland , Wei Shao , Seyit Camtepe

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

In recent years, there has been a growing concern with software integrity, that is, the assurance that software has not been tampered with on the path between developers and users. This path is represented by a software development pipeline…

Cryptography and Security · Computer Science 2022-11-14 B. M. Reichert , R. R. Obelheiro

Managing project risk is a key part of the successful implementation of any large project and is widely recognized as a best practice for public agencies to deliver infrastructures. The conventional method of identifying and evaluating…

Software Engineering · Computer Science 2023-11-27 Abdolmajid Erfani

Uncertainty is prevalent in engineering design, data-driven problems, and decision making broadly. Due to inherent risk-averseness and ambiguity about assumptions, it is common to address uncertainty by formulating and solving conservative…

Optimization and Control · Mathematics 2024-04-05 Johannes O. Royset

Safety critical systems are typically subjected to hazard analysis before commissioning to identify and analyse potentially hazardous system states that may arise during operation. Currently, hazard analysis is mainly based on human…

Computer security has been a concern for decades and artificial intelligence techniques have been applied to the area for nearly as long. Most of the techniques are being applied to the detection of attacks to running systems, but recent…

Cryptography and Security · Computer Science 2019-12-17 Steve Kommrusch

Based on interviews with 28 organizations, we found that industry practitioners are not equipped with tactical and strategic tools to protect, detect and respond to attacks on their Machine Learning (ML) systems. We leverage the insights…

Computers and Society · Computer Science 2021-03-22 Ram Shankar Siva Kumar , Magnus Nyström , John Lambert , Andrew Marshall , Mario Goertzel , Andi Comissoneru , Matt Swann , Sharon Xia

The advent of Large Language Models (LLMs) has revolutionized various applications by providing advanced natural language processing capabilities. However, this innovation introduces new cybersecurity challenges. This paper explores the…

Cryptography and Security · Computer Science 2024-06-18 Stephen Burabari Tete

It is challenging to verify that the planned security mechanisms are actually implemented in the software. In the context of model-based development, the implemented security mechanisms must capture all intended security properties that…

Software Engineering · Computer Science 2022-03-21 Katja Tuma , Sven Peldszus , Daniel Strüber , Riccardo Scandariato , Jan Jürjens

Software development projects management is a complex endeavor because it requires dealing with numerous unforeseen events that constantly arise along the way and that go against the expectations that had been established at the beginning.…

Software Engineering · Computer Science 2022-09-27 Fernando Pinciroli

Background: Due to their diversity, complexity, and above all importance, safety-critical and dependable systems must be developed with special diligence. Criticality increases as these systems likely contain artificial intelligence (AI)…

Software Engineering · Computer Science 2025-06-03 Amra Ramic , Stefan Kugele

Context: DevOps has become one of the fastest-growing software development paradigms in the industry. However, this trend has presented the challenge of ensuring secure software delivery while maintaining the agility of DevOps. The efforts…

Software Engineering · Computer Science 2023-05-02 Roshan N. Rajapakse , Mansooreh Zahedi , M. Ali Babar , Haifeng Shen