English
Related papers

Related papers: Structuring a Comprehensive Software Security Cour…

200 papers

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software…

Software Engineering · Computer Science 2020-12-22 Abdul Hadi bin Abdul Rahman , Abdullah Nazir , Kim Tae Hyun , Tan Horng Yarng , Fatima-tuz-Zahra

As software becomes more complex and assumes an even greater role in our lives, formal verification is set to become the gold standard in securing software systems into the future, since it can guarantee the absence of errors and entire…

Human-Computer Interaction · Computer Science 2021-11-17 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

While providing economic and software development value, software supply chains are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks, specifically targeting vulnerable…

Cryptography and Security · Computer Science 2025-05-16 Imranur Rahman , Yasemin Acar , Michel Cukier , William Enck , Christian Kastner , Alexandros Kapravelos , Dominik Wermke , Laurie Williams

Large language models (LLMs) are being increasingly integrated into practical hardware and firmware development pipelines for code generation. Existing studies have primarily focused on evaluating the functional correctness of LLM-generated…

Cryptography and Security · Computer Science 2026-01-21 Qirui Chen , Jingxian Shuai , Shuangwu Chen , Shenghao Ye , Zijian Wen , Xufei Su , Jie Jin , Jiangming Li , Jun Chen , Xiaobin Tan , Jian Yang

Background: Due to their diversity, complexity, and above all importance, safety-critical and dependable systems must be developed with special diligence. Criticality increases as these systems likely contain artificial intelligence (AI)…

Software Engineering · Computer Science 2025-06-03 Amra Ramic , Stefan Kugele

Software vulnerabilities can have serious consequences, which is why many techniques have been proposed to defend against them. Among these, vulnerability detection techniques are a major area of focus. However, there is a lack of a…

Software Engineering · Computer Science 2023-03-30 Yingzhou Bi , Jiangtao Huang , Penghui Liu , Lianmei Wang

Understanding the landscape of software vulnerabilities is key for developing effective security solutions. Fortunately, the evaluation of vulnerability databases that use a framework for communicating vulnerability attributes and their…

Cryptography and Security · Computer Science 2021-02-04 Assane Gueye , Peter Mell

Today's digital ecosystem relies heavily on software supply chains, which enable developers to reuse code and ship software at scale. However, a single vulnerable component can jeopardize the entire supply chain. In recent years,…

Cryptography and Security · Computer Science 2026-05-29 Md Atiqur Rahman , Yasemin Acar , Michel Cucker , William Enck , Alexandros Kapravelos , Christian Kastner , Dominik Wermke , Laurie Williams

While code review is central to the software development process, it can be tedious and expensive to carry out. In this paper, we investigate whether and how Large Language Models (LLMs) can aid with code reviews. Our investigation focuses…

Software Engineering · Computer Science 2024-03-14 Rasmus Ingemann Tuffveson Jensen , Vali Tawosi , Salwa Alamir

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier

The Open Source Security Testing Methodology Manual (OSSTMM) provides a "scientific methodology for the accurate characterization of operational security" [Her10, p.13]. It is extensively referenced in writings aimed at security testing…

Cryptography and Security · Computer Science 2020-10-14 Martin R. Albrecht , Rikke Bjerg Jensen

In an increasingly interconnected and data-driven world, the importance of robust security measures cannot be overstated. A knowledge graph constructed with information extracted from the system along with the desired security behavior can…

Cryptography and Security · Computer Science 2023-12-11 M. Xie , T. Rahat , W. Wang , Y. Tian

Malware programs are diverse, with varying objectives, functionalities, and threat levels ranging from mere pop-ups to financial losses. Consequently, their run-time footprints across the system differ, impacting the optimal data source…

Cryptography and Security · Computer Science 2022-11-15 Sareena Karapoola , Nikhilesh Singh , Chester Rebeiro , Kamakoti V

In today's rapidly evolving technological landscape and advanced software development, the rise in cyber security attacks has become a pressing concern. The integration of robust cyber security defenses has become essential across all…

Software Engineering · Computer Science 2023-11-02 Mounika Vanamala , Keith Bryant , Alex Caravella

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

Open-source projects are essential to software development, but publicly disclosing vulnerabilities without fixes increases the risk of exploitation. The Open Source Security Foundation (OpenSSF) addresses this issue by promoting robust…

Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities in software. Prior…

Cryptography and Security · Computer Science 2017-09-29 Na Meng , Stefan Nagy , Daphne Yao , Wenjie Zhuang , Gustavo Arango Argoty

Increasingly, courses on Empirical Software Engineering research methods are being offered in higher education institutes across the world, mostly at the M.Sc. and Ph.D. levels. While the need for such courses is evident and in line with…

Software Engineering · Computer Science 2025-03-17 Paris Avgeriou , Nauman bin Ali , Marcos Kalinowski , Daniel Mendez

Background: Security tools play a vital role in enabling developers to build secure software. However, it can be quite challenging to introduce and fully leverage security tools without affecting the speed or frequency of deployments in the…

Cryptography and Security · Computer Science 2021-07-20 Roshan Namal Rajapakse , Mansooreh Zahedi , Muhammad Ali Babar