English
Related papers

Related papers: Why Don't Developers Detect Improper Input Validat…

200 papers

Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of…

Cryptography and Security · Computer Science 2024-06-11 Aidan Z. H. Yang , Haoye Tian , He Ye , Ruben Martins , Claire Le Goues

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

In recent years, program verifiers and interactive theorem provers have become more powerful and more suitable for verifying large programs or proofs. This has demonstrated the need for improving the user experience of these tools to…

Programming Languages · Computer Science 2014-04-29 K. Rustan M. Leino , Valentin Wüstholz

Large language models are increasingly used to produce runnable software. In practice, security is often addressed through a Detect--Repair--Verify (DRV) loop that detects issues, applies fixes, and verifies the result. This work studies…

Software Engineering · Computer Science 2026-03-03 Cheng Cheng

The validity of instrumental variable (IV) designs is typically tested using two types of falsification tests. We characterize these tests as conditional independence tests between negative control variables -- proxies for unobserved…

Econometrics · Economics 2025-04-29 Oren Danieli , Daniel Nevo , Itai Walk , Bar Weinstein , Dan Zeltzer

Software updates are essential to enhance security, fix bugs, and add better features to the existing software. While some users accept software updates, non-compliance remains a widespread issue. While some users accept software updates,…

Software Engineering · Computer Science 2025-10-30 Mahzabin Tamanna , Mohd Anwar , Joseph D. W. Stephens

The foundation model industry exhibits unprecedented concentration in critical inputs: semiconductors, energy infrastructure, elite talent, capital, and training data. Despite extensive sectoral analyses, no comprehensive framework exists…

General Economics · Economics 2026-03-25 Claudio Pirrone , Stefano Fricano , Gioacchino Fazio

To face future reliability challenges, it is necessary to quantify the risk of error in any part of a computing system. To this goal, the Architectural Vulnerability Factor (AVF) has long been used for chips. However, this metric is used…

Hardware Architecture · Computer Science 2023-08-02 Luc Jaulmes , Miquel Moretó , Mateo Valero , Marc Casas

Trusting software systems, particularly autonomous ones, is challenging. To address this, formal verification techniques can ensure these systems behave as expected. Runtime Verification (RV) is a leading, lightweight method for verifying…

Formal Languages and Automata Theory · Computer Science 2024-08-22 Angelo Ferrando , Vadim Malvone

Software is infamous for its poor quality and frequent occurrence of bugs. While there is no doubt that thorough testing is an appropriate answer to ensure sufficient quality, the poor state of software generally suggests that developers…

Software Engineering · Computer Science 2023-09-06 Philipp Straubinger , Gordon Fraser

Passwords are still a mainstay of various security systems, as well as the cause of many usability issues. For end-users, many of these issues have been studied extensively, highlighting problems and informing design decisions for better…

Cryptography and Security · Computer Science 2017-08-31 Alena Naiakshina , Anastasia Danilova , Christian Tiefenau , Marco Herzog , Sergej Dechand , Matthew Smith

Machine learning-based software vulnerability detection requires high-quality datasets, which is essential for training effective models. To address challenges related to data label quality, diversity, and comprehensiveness, we constructed…

Software Engineering · Computer Science 2025-05-14 Chaomeng Lu , Tianyu Li , Toon Dehaene , Bert Lagaisse

Weak alignment of requirements engineering (RE) with verification and validation (VV) may lead to problems in delivering the required products in time with the right quality. For example, weak communication of requirements changes to…

Artificial Intelligence (AI) has revolutionized software development, particularly by automating repetitive tasks and improving developer productivity. While these advancements are well-documented, the use of AI-powered tools for Software…

Software Engineering · Computer Science 2025-12-24 M. Mehdi Kholoosi , Triet Huynh Minh Le , M. Ali Babar

Third-party library dependencies are commonplace in today's software development. With the growing threat of security vulnerabilities, applying security fixes in a timely manner is important to protect software systems. As such, the…

Software Engineering · Computer Science 2022-05-18 Ayano Ikegami , Raula Gaikovina Kula , Bodin Chinthanet , Vittunyuta Maeprasart , Ali Ouni , Takashi Ishio , Kenichi Matsumoto

Version control systems for source code, such as Git, are key tools in modern software development environments. Many developers use online services, such as GitHub or GitLab, for collaborative software development. While software projects…

Cryptography and Security · Computer Science 2022-11-15 Alexander Krause , Jan H. Klemmer , Nicolas Huaman , Dominik Wermke , Yasemin Acar , Sascha Fahl

Background: Data errors are a common challenge in machine learning (ML) projects and generally cause significant performance degradation in ML-enabled software systems. To ensure early detection of erroneous data and avoid training ML…

Software Engineering · Computer Science 2021-03-09 Lucy Ellen Lwakatare , Ellinor Rånge , Ivica Crnkovic , Jan Bosch

Program verifiers are not exempt from the bugs that affect nearly every piece of software. In addition, they often exhibit brittle behavior: their performance changes considerably with details of how the input program is expressed-details…

Software Engineering · Computer Science 2018-05-10 Yu-Ting Chen , Carlo A. Furia

Many researchers have studied the behaviour of successful developers while debugging desktop software. In this paper, we investigate the embedded-software debugging by intermediate programmers through an exploratory study. The bugs are…

Software Engineering · Computer Science 2017-04-12 Pansy Arafa , Daniel Solomon , Samaneh Navabpour , Sebastian Fischmeister

Agent skills extend LLM agents with privileged third-party capabilities such as filesystem access, credentials, network calls, and shell execution. Existing safety work catches malicious prompts and risky runtime actions, but the skill…

Cryptography and Security · Computer Science 2026-05-13 Yuhao Wu , Tung-Ling Li , Hongliang Liu