English
Related papers

Related papers: Vulnerability Coverage as an Adequacy Testing Crit…

200 papers

Context: Scientific open-source software (SciOSS) plays a foundational role in research and engineering, yet its long-term sustainability has often been overlooked and remains a significant concern. Objective: This study investigates the…

Software Engineering · Computer Science 2026-05-06 Sheikh Md. Mushfiqur Rahman , Gregory R. Watson , Nasir U. Eisty

Cybersecurity software tool evaluation is difficult due to the inherently adversarial nature of the field. A penetration testing (or offensive) tool must be tested against a viable defensive adversary and a defensive tool must, similarly,…

Cryptography and Security · Computer Science 2024-09-17 Jeremy Straub

Context: Software testability is the degree to which a software system or a unit under test supports its own testing. To predict and improve software testability, a large number of techniques and metrics have been proposed by both…

Software Engineering · Computer Science 2018-12-07 Vahid Garousi , Michael Felderer , Feyza Nur Kilicaslan

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

Code coverage is a popular and widespread test adequacy metric that measures the percentage of program codes executed by a test suite. Despite its popularity, code coverage has several limitations. One of the major limitations is that it…

Software Engineering · Computer Science 2023-02-16 Soneya Binta Hossain , Matthew B. Dwyer

Automated tests play an important role in software evolution because they can rapidly detect faults introduced during changes. In practice, code-coverage metrics are often used as criteria to evaluate the effectiveness of test suites with…

Software Engineering · Computer Science 2016-11-23 Rainer Niedermayr , Elmar Juergens , Stefan Wagner

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable…

Software Engineering · Computer Science 2014-07-23 Gabriele Modena

Software testing is a critical element of software quality assurance and represents the ultimate review of specification, design and coding. Software testing is the process of testing the functionality and correctness of software by running…

Software Engineering · Computer Science 2010-01-26 S. S. Riaz Ahamed

This report presents a taxonomy of vulnerabilities created as a part of an effort to develop a framework for deriving verification and validation strategies to assess software security. This taxonomy is grounded in a theoretical model of…

Cryptography and Security · Computer Science 2007-05-23 Anil Bazaz , James D. Arthur

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

Security metrics are not standardized, but inter-national proposals such as the Common Vulnerability ScoringSystem (CVSS) for quantifying the severity of known vulnerabil-ities are widely used. Many CVSS aggregation mechanisms havebeen…

Cryptography and Security · Computer Science 2023-10-04 Angel Longueira-Romero , Jose Luis Flores , Rosa Iglesias , Iñaki Garitano

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…

Networking and Internet Architecture · Computer Science 2014-02-12 G. Vijay Kumar , Ravikumar S. Raykundaliya , Dr. P. Naga Prasad

(U.S) Rule-based policies to mitigate software risk suggest to use the CVSS score to measure the individual vulnerability risk and act accordingly: an HIGH CVSS score according to the NVD (National (U.S.) Vulnerability Database) is…

Cryptography and Security · Computer Science 2015-04-13 Luca Allodi , Fabio Massacci

Preventing vulnerability exploits is a critical software maintenance task, and software engineers often rely on Common Vulnerability and Exposure (CVEs) reports for information about vulnerable systems and libraries. These reports include…

Software Engineering · Computer Science 2019-10-01 Danielle Gonzalez , Holly Hastings , Mehdi Mirakhorli

As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS)…

Cryptography and Security · Computer Science 2026-03-05 Naoyuki Shimizu , Masaki Hashimoto

Validation accuracy is a necessary, but not sufficient, measure of a neural network classifier's quality. High validation accuracy during development does not guarantee that a model is free of serious flaws, such as vulnerability to…

Machine Learning · Computer Science 2019-10-08 John S. Hyatt , Michael S. Lee

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty