English
Related papers

Related papers: Ammonia: An Approach for Deriving Project-specific…

200 papers

Static analysis plays a crucial role in software vulnerability detection, yet faces a persistent precision-scalability tradeoff. In large codebases like the Linux kernel, traditional static analysis tools often generate excessive false…

Software Engineering · Computer Science 2025-06-03 Haonan Li , Hang Zhang , Kexin Pei , Zhiyun Qian

Background: Some developer activity traditionally performed manually, such as making code commits, opening, managing, or closing issues is increasingly subject to automation in many OSS projects. Specifically, such activity is often…

Software Engineering · Computer Science 2020-03-31 Tapajit Dey , Sara Mousavi , Eduardo Ponce , Tanner Fry , Bogdan Vasilescu , Anna Filippova , Audris Mockus

Static code analysis (SCA) tools are widely used as effective ways to detect bugs and vulnerabilities in software systems. However, the reports generated by these tools often contain a large number of non-actionable findings, which can…

Software Engineering · Computer Science 2026-04-21 Tamás Aladics , Norbert Vándor , Rudolf Ferenc , Péter Hegedűs

Fault identification and testing has always been the most specific concern in the field of software development. To identify and testify the bug we should be aware of the source of the failure or any unwanted issue. In this paper, we are…

Software Engineering · Computer Science 2014-05-06 Vishal Anand , Ramani S

Refactoring is a common practice in software development, aimed at improving the internal code structure in order to make it easier to understand and modify. Consequently, it is often assumed that refactoring makes the code less prone to…

Software Engineering · Computer Science 2025-05-14 Isabella Ferreira , Lawrence Arkoh , Anderson Uchôa , Ana Carla Bibiano , Alessandro Garcia , Wesley K. G. Assunção

Developers today use significant amounts of open source code, surfacing the need for ways to automatically audit and upgrade library dependencies, and giving rise to the subfield of Software Composition Analysis (SCA). SCA products are…

Software Engineering · Computer Science 2019-10-01 Darius Foo , Jason Yeo , Hao Xiao , Asankhaya Sharma

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

The modern software development landscape has seen a shift in focus toward mobile applications as "smart" devices near ubiquitous adoption. Due to this trend, the complexity of mobile applications has been increasing, making development and…

Software Engineering · Computer Science 2018-01-19 Kevin Moran

Static analysis tools have gained popularity among developers for finding potential bugs, but their widespread adoption is hindered by the accomnpanying high false alarm rates (up to 90%). To address this challenge, previous studies…

Software Engineering · Computer Science 2023-09-19 Zhipeng Xue , Zhipeng Gao , Xing Hu , Shanping Li

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

Modern software development relies heavily on Application Programming Interface (API) libraries. However, there are often certain constraints on using API elements in such libraries. Failing to follow such constraints (API misuse) could…

Software Engineering · Computer Science 2019-08-20 Tam The Nguyen , Phong Minh Vu , Tung Thanh Nguyen

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

Over the years of challenges on detecting the crash consistency of non-volatile persistent memory (PM) bugs and developing new tools to identify those bugs are quite stretching due to its inconsistent behavior on the file or storage…

Software Engineering · Computer Science 2023-07-22 Jahid Hasan

We revisit the performance of template-based APR to build comprehensive knowledge about the effectiveness of fix patterns, and to highlight the importance of complementary steps such as fault localization or donor code retrieval. To that…

Software Engineering · Computer Science 2019-06-07 Kui Liu , Anil Koyuncu , Dongsun Kim , Tegawendé F. Bissyandé

Because database systems are the critical component of modern data-intensive applications, it is important to ensure that they operate correctly. To this end, developers extensively test these systems to eliminate bugs that negatively…

Databases · Computer Science 2021-09-03 Xinyu Liu , Qi Zhou , Joy Arulraj , Alessandro Orso

Test-based automated program repair has been a prolific field of research in software engineering in the last decade. Many approaches have indeed been proposed, which leverage test suites as a weak, but affordable, approximation to program…

Deep Learning methods are becoming prominent in automated software bug detection; however, they lack the global understanding of the given code. Consequently, their performance tends to degrade, especially when they are applied to large…

Software Engineering · Computer Science 2026-04-29 Srita Padmanabhuni , Bhargavi Karuturi , Jerusha Karen Indupalli , Santhan Reddy Chilla , Vivek Yelleti

Context: Logging is an important part of modern software projects; logs are used in several tasks such as debugging and testing. Due to the complex nature of logging, it remains a difficult task with several pitfalls that could have serious…

Software Engineering · Computer Science 2026-03-11 Nyyti Saarimäki , Donghwan Shin , Domenico Bianculli

Context: Static analysis captures software engineering knowledge and alerts on possibly problematic patterns. Previous work showed that they indeed have predictive power for various problems. However, the impact of removing the alerts is…

Software Engineering · Computer Science 2026-03-24 Idan Amit

The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly…

Cryptography and Security · Computer Science 2026-01-27 Duc-Ly Vu , Thanh-Cong Nguyen , Minh-Khanh Vu , Ngoc-Thanh Nguyen , Kim-Anh Do Thi
‹ Prev 1 3 4 5 6 7 10 Next ›