English
Related papers

Related papers: A Case Study on Software Vulnerability Coordinatio…

200 papers

The understanding of source code in large-scale software systems poses a challenge for developers. The role of expertise in source code becomes critical for identifying developers accountable for substantial changes. However, in the context…

Software Engineering · Computer Science 2025-08-26 Karolina Milano , Bruno Cafeo

Software development is rarely an individual effort and generally involves teams of developers collaborating to generate good reliable code. Among the software code there exist technical dependencies that arise from software components…

Software Engineering · Computer Science 2010-06-08 Chintan Amrit , Jos van Hillegersberg

The Common Vulnerabilities and Exposures (CVE) represent standard means for sharing publicly known information security vulnerabilities. One or more CVEs are grouped into the Common Weakness Enumeration (CWE) classes for the purpose of…

Cryptography and Security · Computer Science 2022-04-04 Ehsan Aghaei , Waseem Shadid , Ehab Al-Shaer

Advancing our understanding of software vulnerabilities, automating their identification, the analysis of their impact, and ultimately their mitigation is necessary to enable the development of software that is more secure. While operating…

Software Engineering · Computer Science 2025-03-18 Serena E. Ponta , Henrik Plate , Antonino Sabetta , Michele Bezzi , Cédric Dangremont

The exponential growth of Common Vulnerabilities and Exposures (CVE) disclosures poses significant challenges for enterprise security management, necessitating automated and quantitative risk assessment methodologies. Existing vulnerability…

Cryptography and Security · Computer Science 2026-04-09 Wanru Shao

Software Vulnerability (SV) severity assessment is a vital task for informing SV remediation and triage. Ranking of SV severity scores is often used to advise prioritization of patching efforts. However, severity assessment is a difficult…

Software Engineering · Computer Science 2022-01-19 Roland Croft , M. Ali Babar , Li Li

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz

Many public sources of cyber threat and vulnerability information exist to help defend cyber systems. This paper links MITRE's ATT&CK MATRIX of Tactics and Techniques, NIST's Common Weakness Enumerations (CWE), Common Vulnerabilities and…

Cryptography and Security · Computer Science 2021-02-11 Erik Hemberg , Jonathan Kelly , Michal Shlapentokh-Rothman , Bryn Reinstadler , Katherine Xu , Nick Rutar , Una-May O'Reilly

Given the relevance of coordination in the field of global software engineering, this work was carried out to further understand coordination mechanisms. Specifically, we investigated meetings and the collaboration tool Slack. We conducted…

Software Engineering · Computer Science 2020-07-07 Viktoria Stray , Nils Brede Moe

The significant increase in software production, driven by the acceleration of development cycles over the past two decades, has led to a steady rise in software vulnerabilities, as shown by statistics published yearly by the CVE program.…

Software Engineering · Computer Science 2025-12-11 Dyna Soumhane Ouchebara , Stéphane Dupont

Vulnerability detection is crucial for maintaining software security, and recent research has explored the use of Language Models (LMs) for this task. While LMs have shown promising results, their performance has been inconsistent across…

Cryptography and Security · Computer Science 2024-12-24 Syafiq Al Atiiq , Christian Gehrmann , Kevin Dahlén

Software engineering increasingly involves making high-stakes decisions under uncertainty, using signals from code, field data, and socio-technical processes. Recent AI-driven support (e.g., anomaly detection, predictive analytics, AIOps,…

Software Engineering · Computer Science 2026-05-05 Roberto Pietrantuono , Luca Giamattei , Stefano Russo , Julien Siebert , Neil Walkinshaw

Bug triaging for security vulnerabilities is a critical part of software maintenance, ensuring that the most pressing vulnerabilities are addressed promptly to safeguard system integrity and user data. However, the process is…

While code review is central to the software development process, it can be tedious and expensive to carry out. In this paper, we investigate whether and how Large Language Models (LLMs) can aid with code reviews. Our investigation focuses…

Software Engineering · Computer Science 2024-03-14 Rasmus Ingemann Tuffveson Jensen , Vali Tawosi , Salwa Alamir

Software vulnerability detection (SVD) is a critical challenge in modern systems. Large language models (LLMs) offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often…

Software Engineering · Computer Science 2026-02-12 Samal Mukhtar , Yinghua Yao , Zhu Sun , Mustafa Mustafa , Yew Soon Ong , Youcheng Sun

Vulnerability Detection (VD) using machine learning faces a significant challenge: the vast diversity of vulnerability types. Each Common Weakness Enumeration (CWE) represents a unique category of vulnerabilities with distinct…

Cryptography and Security · Computer Science 2024-08-06 Syafiq Al Atiiq , Christian Gehrmann , Kevin Dahlén , Karim Khalil

Isolation is a critical property for shared infrastructure to limit exposure and interference among simultaneous running workloads. Cloud providers use different isolation mechanisms such as full Virtual Machines, microVMs, Linux…

Operating Systems · Computer Science 2025-07-30 Anjali , Michael M. Swift

The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases…

Cryptography and Security · Computer Science 2025-05-21 Yuning Jiang , Feiyang Shang , Freedy Tan Wei You , Huilin Wang , Chia Ren Cong , Qiaoran Meng , Nay Oo , Hoon Wei Lim , Biplab Sikdar

Engineering projects are notoriously hard to complete on-time, with project delays often theorised to propagate across interdependent activities. Here, we use a novel dataset consisting of activity networks from 14 diverse, large-scale…

Social and Information Networks · Computer Science 2021-07-16 Marc Santolini , Christos Ellinas , Christos Nicolaides

Deep Learning (DL)-based methods have proven to be effective for software vulnerability detection, with a potential for substantial productivity enhancements for detecting vulnerabilities. Current methods mainly focus on detecting single…

Software Engineering · Computer Science 2024-04-25 Xin-Cheng Wen , Xinchen Wang , Yujia Chen , Ruida Hu , David Lo , Cuiyun Gao