Related papers: Risk Assessment, Threat Modeling and Security Test…
Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety critical cyber-physical systems, where security…
Context: To effectively defend against ever-evolving cybersecurity threats, software systems should be made as secure as possible. To achieve this, software developers should understand potential vulnerabilities and apply secure coding…
Various project management approaches do not consider the impact that uncertainties have on the project. The identified threats by uncertainty in a projec day-to-day are real and immediate and the expectations in a project are often high.…
Systematic task allocation to different development sites in global software de- velopment projects can open business and engineering perspectives and help to reduce risks and problems inherent in distributed development. Relying only on a…
The allocation of tasks can be seen as a success-critical management activity in distributed development projects. However, such task allocation is still one of the major challenges in global software development due to an insufficient…
Context. Developing secure and reliable software remains a key challenge in software engineering (SE). The ever-evolving technological landscape offers both opportunities and threats, creating a dynamic space where chaos and order compete.…
Agile development methods are commonly used to iteratively develop the information systems and they can easily handle ever-changing business requirements. Scrum is one of the most popular agile software development frameworks. The…
Machine learning has become prevalent across a wide variety of applications. Unfortunately, machine learning has also shown to be susceptible to deception, leading to errors, and even fatal failures. This circumstance calls into question…
Research software is often developed by individual researchers or small teams in parallel to their research work. The more people and research projects rely on the software in question, the more important it is that software updates…
Software safety is a crucial aspect during the development of modern safety-critical systems. Software is becoming responsible for most of the critical functions of systems. Therefore, the software components in the systems need to be…
In software project management, risk management is a critical factor. Project managers use existing lists of risk or perform brainstorming to identify the risks. However, it is not easy to perceive all the risks objectively. As a result,…
Security is an important quality of software systems, but there is a huge lack of security experts. To overcome this gap, we aim to make security design knowledge reusable for architects by proposing the SecuRe recommendation approach to…
Code large language models (CodeLLMs) and agents are increasingly being integrated into complex software engineering tasks spanning the entire Software Development Life Cycle (SDLC). Benchmarking is critical for rigorously evaluating these…
Traditionally, promoted by the internet companies, continuous delivery is more and more appealing to industries which develop systems with safety-critical functions. Since safety-critical systems must meet regulatory requirements and…
This work aims at discussing the complexity aspect of software while demonstrating its relationship with security. Complexity is an essential part of software; however, numerous studies indicate that they increase the vulnerability of the…
This study explores the application of deep learning technologies in software development processes, particularly in automating code reviews, error prediction, and test generation to enhance code quality and development efficiency. Through…
Context: Software start-ups are emerging as suppliers of innovation and software-intensive products. However, traditional software engineering practices are not evaluated in the context, nor adopted to goals and challenges of start-ups. As…
With the rapid advancement of information technology, the complexity of applications continues to increase, and the cybersecurity challenges we face are also escalating. This paper aims to investigate the methods and practices of system…
Many industrial IT security standards and policies mandate the usage of a secure coding methodology in the software development process. This implies two different aspects: first, secure coding must be based on a set of secure coding…
The Proactive Software Supply Chain Risk Management Framework (P SSCRM) described in this document is designed to help you understand and plan a secure software supply chain risk management initiative. P SSCRM was created through a process…