English
Related papers

Related papers: SecDocker: Hardening the Continuous Integration Wo…

200 papers

Protecting programs against control-flow hijacking attacks recently has become an arms race between defenders and attackers. While certain defenses, e.g., \textit{Control Flow Integrity} (CFI), restrict the targets of indirect control-flow…

Cryptography and Security · Computer Science 2018-12-21 Paul Muntean

In recent years, there has been a growing concern with software integrity, that is, the assurance that software has not been tampered with on the path between developers and users. This path is represented by a software development pipeline…

Cryptography and Security · Computer Science 2022-11-14 B. M. Reichert , R. R. Obelheiro

It's long been accepted that continuous integration (CI) in software engineering increases the code quality of enterprise projects when adhered to by it's practitioners. But is any of that effort to increase code quality and velocity…

Software Engineering · Computer Science 2024-02-13 Parth Sane

The number of cyber-attacks have substantially increased over the past decade resulting in huge organizational financial losses. Indeed, it is no longer a matter of "if" but "when" a security incident will take place. A Security Operations…

Systems-on-chip (SoCs) are becoming heterogeneous: they combine general-purpose processor cores with application-specific hardware components, also known as accelerators, to improve performance and energy efficiency. The advantages of…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-03-19 Luca Piccolboni , Giuseppe Di Guglielmo , Luca Carloni

Traditionally the integration of data from multiple sources is done on an ad-hoc basis for each analysis scenario and application. This is a solution that is inflexible, incurs in high costs, leads to "silos" that prevent sharing data…

Data-Flow Integrity (DFI) is a well-known approach to effectively detecting a wide range of software attacks. However, its real-world application has been quite limited so far because of the prohibitive performance overhead it incurs.…

Hardware Architecture · Computer Science 2021-11-30 Lang Feng , Jiayi Huang , Jeff Huang , Jiang Hu

The intersection between security and continuous software engineering has been of great interest since the early years of the agile development movement, and it remains relevant as software development processes are more frequently guided…

Software Engineering · Computer Science 2024-01-15 Fabiola Moyón , Florian Angermeir , Daniel Mendez

Automated, secure software development is an important task of digitalization, which is solved with the DevSecOps approach. An important part of the DevSecOps approach is continuous risk assessment, which is necessary to identify and…

Cryptography and Security · Computer Science 2024-12-24 Abed Saif Ahmed Alghawli , Tamara Radivilova

Background: User interface (UI) testing, which is used to verify the behavior of interactive elements in applications, plays an important role in software development and quality assurance. However, little is known about the adoption of UI…

Software Engineering · Computer Science 2025-04-29 Xiaoxiao Gan , Chris Brown

In recent years, Continuous Integration (CI) and Continuous Delivery (CD) has been heatedly discussed and widely used in part or all of the software development life cycle as the practices and pipeline to deliver software products in an…

Software Engineering · Computer Science 2022-05-11 Yajing Luo , Peng Liang , Mojtaba Shahin , Zengyang Li , Chen Yang

Background: Much research has been conducted to investigate the impact of Continuous Integration (CI) on the productivity and quality of open-source projects. Most of studies have analyzed the impact of adopting a CI server service (e.g,…

Software Engineering · Computer Science 2022-08-05 Jadson Santos , Daniel Alencar da Costa , Uirá Kulesza

We introduce a tool that supports continuous flow analysis in order to detect security problems as the user edits. The tool uses abstract interpretation over both byte codes and abstract syntax trees to trace the flow of both type…

Software Engineering · Computer Science 2019-10-01 Steven P. Reiss

In the context of modern software engineering, there is a trend towards Cloud-native software development involving international teams with members from all over the world. Cloud-based version management services like GitHub are commonly…

Cryptography and Security · Computer Science 2024-07-15 Tobias J. Bauer , Andreas Aßmuth

Large-scale software development has become a highly collaborative and geographically distributed endeavour, especially in open-source software development ecosystems and their associated developer communities. It has given rise to modern…

Software Engineering · Computer Science 2023-05-18 Mairieli Wessel , Tom Mens , Alexandre Decan , Pooya Rostami Mazrae

Companies are misled into thinking they solve their security issues by using a DevSecOps system. This paper aims to answer the question: Could a DevOps pipeline be misused to transform a securely developed application into an insecure one?…

Cryptography and Security · Computer Science 2022-02-01 Nicholas Pecka , Lotfi ben Othmane , Altaz Valani

Apart from forming the backbone of compiler optimization, static dataflow analysis has been widely applied in a vast variety of applications, such as bug detection, privacy analysis, program comprehension, etc. Despite its importance,…

Programming Languages · Computer Science 2024-12-18 Zewen Sun , Yujin Zhang , Duanchen Xu , Yiyu Zhang , Yun Qi , Yueyang Wang , Yi Li , Zhaokang Wang , Yue Li , Xuandong Li , Zhiqiang Zuo , Qingda Lu , Wenwen Peng , Shengjian Guo

An Intrusion Detection System (IDS) aims to alert users of incoming attacks by deploying a detector that monitors network traffic continuously. As an effort to increase detection capabilities, a set of independent IDS detectors typically…

Cryptography and Security · Computer Science 2020-02-19 Guntur Dharma Putra , Volkan Dedeoglu , Salil S Kanhere , Raja Jurdak

The reproducibility of software environments is a critical concern in modern software engineering, with ramifications ranging from the effectiveness of collaboration workflows to software supply chain security and scientific…

Software Engineering · Computer Science 2026-01-21 Julien Malka , Stefano Zacchiroli , Théo Zimmermann

Context: DevOps has become one of the fastest-growing software development paradigms in the industry. However, this trend has presented the challenge of ensuring secure software delivery while maintaining the agility of DevOps. The efforts…

Software Engineering · Computer Science 2023-05-02 Roshan N. Rajapakse , Mansooreh Zahedi , M. Ali Babar , Haifeng Shen