English
Related papers

Related papers: Fixing Vulnerabilities Potentially Hinders Maintai…

200 papers

Motivation: Code understandability is crucial in software development, as developers spend 58% to 70% of their time reading source code. Improving it can improve productivity and reduce maintenance costs. Problem: Experimental studies often…

Software Engineering · Computer Science 2024-11-13 Delano Oliveira , Reydne Santos , Benedito de Oliveira , Martin Monperrus , Fernando Castor , Fernanda Madeiral

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Understanding how software defects manifest and evolve in production environments is critical for improving reliability. While previous research has largely focused on pre-release defects, the nature of residual faults, i.e., those escaping…

Software Engineering · Computer Science 2026-04-30 Domenico Cotroneo , Giuseppe De Rosa , Cristina Improta , Benedetta Gaia Varriale

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Identifying the software weaknesses exploited by attacks supports efforts to reduce developer introduction of vulnerabilities and to guide security code review efforts. A weakness is a bug or fault type that can be exploited through an…

Cryptography and Security · Computer Science 2024-05-03 Peter Mell , Irena Bojanova , Carlos Galhardo

Software maintainability is essential for long-term success in the software industry. Despite widespread evidence of the high costs associated with poor maintainability, market pressure drives many organizations to prioritize short-term…

Software Engineering · Computer Science 2024-12-10 Markus Borg , Amogha Udayakumar , Adam Tornhill

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when…

Software Engineering · Computer Science 2025-09-30 Haoran Xu , Chen Zhi , Junxiao Han , Xinkui Zhao , Jianwei Yin , Shuiguang Deng

Outdated software remains a potent and underappreciated menace in 2025's cybersecurity environment, exposing systems to a broad array of threats, including ransomware, data breaches, and operational outages that can have devastating and…

Cryptography and Security · Computer Science 2025-05-21 Gogulakrishnan Thiyagarajan , Vinay Bist , Prabhudarshi Nayak

Library dependencies in software ecosystems play a crucial role in the development of software. As newer releases of these libraries are published, developers may opt to pin their dependencies to a particular version. While pinning may have…

Software Engineering · Computer Science 2025-12-22 Vasudev Vikram , Yuvraj Agarwal , Rohan Padhye

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

Software vulnerabilities often persist or re-emerge even after being fixed, revealing the complex interplay between code evolution and socio-technical factors. While source code metrics provide useful indicators of vulnerabilities, software…

Software Engineering · Computer Science 2026-01-21 Samiha Shimmi , Nicholas M. Synovic , Mona Rahimi , George K. Thiruvathukal

The Log4j-Core vulnerability, known as Log4Shell, exposed significant challenges to dependency management in software ecosystems. When a critical vulnerability is disclosed, it is imperative that dependent packages quickly adopt patched…

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric

The changesets (or patches) that fix open source software vulnerabilities form critical datasets for various machine learning security-enhancing applications, such as automated vulnerability patching and silent fix detection. These patch…

Software Engineering · Computer Science 2025-09-23 Hui Chen , Yunhua Zhao , Kostadin Damevski

Developers interrupting their participation in a project might slowly forget critical information about the code, such as its intended purpose, structure, the impact of external dependencies, and the approach used for implementation.…

Software Engineering · Computer Science 2023-08-29 Dario Amoroso d'Aragona , Luca Pascarella , Andrea Janes , Valentina Lenarduzzi , Rafael Penaloza , Davide Taibi

To build secure software, developers often work together during software development and maintenance to find, fix, and prevent security vulnerabilities. Examining the nature of developer interactions during their security activities…

Software Engineering · Computer Science 2019-07-30 Song Wang , Nachi Nagappan

We present a longitudinal study on the long-term evolution of maintainability in open-source software. Quality assessment remains at the forefront of both software research and practice, with many models and assessment methodologies…

Software Engineering · Computer Science 2020-03-03 Arthur-Jozsef Molnar , Simona Motogna

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger

Energy efficiency is a crucial quality requirement for mobile applications. However, improving energy efficiency is far from trivial as developers lack the knowledge and tools to aid in this activity. In this paper we study the impact of…

Software Engineering · Computer Science 2019-08-29 Luis Cruz , Rui Abreu , John Grundy , Li Li , Xin Xia