English
Related papers

Related papers: Fixing Vulnerabilities Potentially Hinders Maintai…

200 papers

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the control-flow or…

Cryptography and Security · Computer Science 2020-03-25 Bilgiday Yuce , Patrick Schaumont , Marc Witteman

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\em Shared} hosting, offers a unique perspective since customers operate…

Software quality is an important problem for technology companies, since it substantially impacts the efficiency, usefulness, and maintainability of the final product; hence, code review is a must-do activity for software developers. During…

Social and Information Networks · Computer Science 2022-10-11 Abduljaleel Al-Rubaye , Gita Sukthankar

Managing project dependencies is a key maintenance issue in software development. Developers need to choose an update strategy that allows them to receive important updates and fixes while protecting them from breaking changes. Semantic…

Software Engineering · Computer Science 2023-05-26 Abbas Javan Jafari , Diego Elias Costa , Emad Shihab , Rabe Abdalkareem

Software is prone to bugs and failures. Security bugs are those that expose or share privileged information and access in violation of the software's requirements. Given the seriousness of security bugs, there are centralized mechanisms for…

Software Engineering · Computer Science 2020-12-16 Daito Nakano , Mingyang Yin , Ryosuke Sato , Abram Hindle , Yasutaka Kamei , Naoyasu Ubayashi

While technical debt grows in absolute numbers as software systems evolve over time, the density of technical debt (technical debt divided by lines of code) is reduced in some cases. This can be explained by either the application of…

Software Engineering · Computer Science 2020-10-20 George Digkas , Alexander Chatzigeorgiou , Apostolos Ampatzoglou , Paris Avgeriou

Recent high-profile incidents in open-source software have greatly raised practitioner attention on software supply chain attacks. To guard against potential malicious package updates, security practitioners advocate pinning dependency to…

Software Engineering · Computer Science 2025-02-11 Hao He , Bogdan Vasilescu , Christian Kästner

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications…

Cryptography and Security · Computer Science 2020-06-25 Bert Abrath , Bart Coppens , Jens Van den Broeck , Brecht Wyseur , Alessandro Cabutto , Paolo Falcarin , Bjorn De Sutter

The security of research software is essential for ensuring the integrity and reproducibility of scientific results. However, research software security is still largely unexplored. Due to its dependence on open source components and…

Software Engineering · Computer Science 2025-08-07 Richard Hegewald , Rebecca Beyer

Context: Contemporary code review tools are a popular choice for software quality assurance. Using these tools, reviewers are able to post a linkage between two patches during a review discussion. Large development teams that use a…

Software Engineering · Computer Science 2021-06-07 Dong Wang , Raula Gaikovina Kula , Takashi Ishio , Kenichi Matsumoto

To avoid software vulnerabilities, organizations are shifting security to earlier stages of the software development, such as at code review time. In this paper, we aim to understand the developers' perspective on assessing software…

Software Engineering · Computer Science 2022-08-09 Larissa Braz , Alberto Bacchelli

Context: Large embedded systems in vehicles tend to grow in size and complexity, which causes challenges when maintaining these systems. Objective: We explore how developers perceive the relation between maintainability effort and various…

Software Engineering · Computer Science 2025-05-20 Bengt Haraldsson , Miroslaw Staron

Critical software systems face stringent requirements in safety, security, and reliability due to the circumstances surrounding their operation. Safety and security have progressively gained importance over the years due to the integration…

Software Engineering · Computer Science 2015-12-16 Julio Escribano-Barreno , Marisol García-Valls

Software bugs pose an ever-present concern for developers, and patching such bugs requires a considerable amount of costs through complex operations. In contrast, introducing bugs can be an effortless job, in that even a simple mutation can…

Software Engineering · Computer Science 2023-03-02 Jinhan Kim , Jongchan Park , Shin Yoo

Context: Software testability is the degree to which a software system or a unit under test supports its own testing. To predict and improve software testability, a large number of techniques and metrics have been proposed by both…

Software Engineering · Computer Science 2018-12-07 Vahid Garousi , Michael Felderer , Feyza Nur Kilicaslan

Software maintenance faces a persistent challenge with crash bugs, especially across diverse release channels catering to distinct user bases. Nightly builds, favoured by enthusiasts, often reveal crashes that are cheaper to fix but may…

Software Engineering · Computer Science 2024-01-25 Suhaib Mujahid , Diego Elias Costa , Marco Castelluccio

Vulnerabilities of Ethereum smart contracts often cause serious financial damage. Whereas the Solidity compiler has been updated to prevent vulnerabilities, its effectiveness has not been revealed so far, to the best of our knowledge. In…

Cryptography and Security · Computer Science 2023-06-08 Chihiro Kado , Naoto Yanai , Jason Paul Cruz , Kyosuke Yamashita , Shingo Okamura

As the role of information and communication technologies gradually increases in our lives, source code security becomes a significant issue to protect against malicious attempts Furthermore with the advent of data-driven techniques, there…

Cryptography and Security · Computer Science 2023-02-03 Maryam Taeb

Various proxy metrics for test quality have been defined in order to guide developers when writing tests. Code coverage is particularly well established in practice, even though the question of how coverage relates to test quality is a…

Software Engineering · Computer Science 2021-03-15 Goran Petrović , Marko Ivanković , Gordon Fraser , René Just

Fixing bugs is an important phase in software development and maintenance. In practice, the process of bug fixing may conflict with the release schedule. Such confliction leads to a trade-off between software quality and release schedule,…

Software Engineering · Computer Science 2017-04-18 Jifeng Xuan , Yan Hu , He Jiang