English
Related papers

Related papers: Underproduction: An Approach for Measuring Risk in…

200 papers

Linux users expect fresh packages in the official repositories of their distributions. Yet, due to philosophical divergences, the packages available in various distributions do not all have the same degree of freshness. Users therefore need…

Software Engineering · Computer Science 2021-03-17 Damien Legay , Alexandre Decan , Tom Mens

A stack overflow occurs when a program or process tries to store more data in a buffer (or stack) than it was intended to hold. If the affected program is running with special privileges or accepts data from untrusted network hosts (e.g. a…

Cryptography and Security · Computer Science 2019-11-07 Md. Masudur Rahman , B M Mainul Hossain

Vulnerability detection is crucial to protect software security. Nowadays, deep learning (DL) is the most promising technique to automate this detection task, leveraging its superior ability to extract patterns and representations within…

Software Engineering · Computer Science 2026-02-13 Yuejun Guo , Qiang Hu , Qiang Tang , Yves Le Traon

Understanding vulnerability propagation is essential for assessing how vulnerabilities spread across components of a software package. This supports more accurate impact analysis and enhances threat detection and mitigation. In this paper,…

Cryptography and Security · Computer Science 2026-04-21 Michael Robinson , Sajal Halder , Muhammad Ejaz Ahmed , Muhammad Ikram , Seyit Camtepe , Hyoungshick Kim

Source code repositories allow developers to manage multiple versions (or branches) of a software system. Pull-requests are used to modify a branch, and backporting is a regular activity used to port changes from a current development…

Software Engineering · Computer Science 2022-04-11 Debasish Chakroborti , Kevin A. Schneider , Chanchal K. Roy

Evidence suggests that Free/Libre Open Source Software (FLOSS) environments provide unlimited learning opportunities. Community members engage in a number of activities both during their interaction with their peers and while making use of…

Software Engineering · Computer Science 2023-07-18 Patrick Mukala , Antonio Cerone , Franco Turini

Software bloat is code that is packaged in an application but is actually not necessary to run the application. The presence of software bloat is an issue for security, for performance, and for maintenance. In this paper, we introduce a…

Software Engineering · Computer Science 2022-05-20 César Soto-Valero , Thomas Durieux , Nicolas Harrand , Benoit Baudry

The purpose of continuous fuzzing platforms is to enable fuzzing for software projects via \emph{fuzz harnesses} -- but as the projects continue to evolve, are these harnesses updated in lockstep, or do they run out of date? If these…

Software Engineering · Computer Science 2025-05-12 Philipp Görz , Joschua Schilling , Thorsten Holz , Marcel Böhme

Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This…

Software Engineering · Computer Science 2021-12-28 Jukka Ruohonen , Kalle Hjerppe , Kalle Rindell

Software defect datasets, which are collections of software bugs, are essential resources to facilitate empirical research and enable standardized benchmarking for a wide range of software engineering techniques, including emerging areas…

Software Engineering · Computer Science 2026-02-12 Hao-Nan Zhu , Robert M. Furth , Michael Pradel , Cindy Rubio-González

Relying on dependency packages accelerates software development, but it also increases the exposure to security vulnerabilities that may be present in dependencies. While developers have full control over which dependency packages (and…

Software Engineering · Computer Science 2023-10-13 Abbas Javan Jafari , Diego Elias Costa , Ahmad Abdellatif , Emad Shihab

Logging plays a crucial role in software engineering because it is key to perform various tasks including debugging, performance analysis, and detection of anomalies. Despite the importance of log data, the practice of logging still suffers…

Software Engineering · Computer Science 2022-08-16 Keyur Patel , Joao Faccin , Abdelwahab Hamou-Lhadj , Ingrid Nunes

Context: Over the last decades, open-source software has pervaded the software industry and has become one of the key pillars in software engineering. The incomparable growth of open source reflected that pervasion: Prior work described…

Software Engineering · Computer Science 2022-01-21 Michael Dorner , Maximilian Capraro , Ann Barcomb , Krzysztof Wnuk

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

Bug localization is the task of recommending source code locations (typically files) that contain the cause of a bug and hence need to be changed to fix the bug. Along these lines, information retrieval-based bug localization (IRBL)…

A critical issue faced by open-source software projects is the risk of key personnel leaving the project. This risk is exacerbated in large projects that have been under development for a long time and experienced growth in their…

Software Engineering · Computer Science 2024-01-09 Aliza Lisan , Boyana Norris

Software quality research increasingly relies on large-scale datasets that measure both the product and process aspects of software systems. However, existing resources often focus on limited dimensions, such as code smells, technical debt,…

Software Engineering · Computer Science 2025-11-17 Mikel Robredo , Matteo Esposito , Davide Taibi , Rafael Peñaloza , Valentina Lenarduzzi

In the open source software (OSS) ecosystem, there exists a complex software supply chain, where developers upstream and downstream widely borrow and reuse code. This results in the widespread occurrence of recurring defects, missing fixes,…

Cryptography and Security · Computer Science 2024-01-31 Fuwei Wang , Yongzhi Liu , Zhiqiang Dong

The software supply chain is becoming a widespread analogy to designate the series of steps taken to go from source code published by developers to executables running on the users? computers. A security vulnerability in any of these steps…

Software Engineering · Computer Science 2022-06-30 Ludovic Courtès

Vulnerabilities in open-source operating systems (OSs) pose substantial security risks to software systems, making their detection crucial. While fuzzing has been an effective vulnerability detection technique in various domains, OS fuzzing…

Operating Systems · Computer Science 2026-01-21 Kun Hu , Qicai Chen , Wenzhuo Zhang , Zilong Lu , Bihuan Chen , You Lu , Haowen Jiang , Bingkun Sun , Xin Peng , Wenyun Zhao