English
Related papers

Related papers: Less is More: Supporting Developers in Vulnerabili…

200 papers

Code review is a critical step in the software development life cycle, which assesses and boosts the code's effectiveness and correctness, pinpoints security issues, and raises its quality by adhering to best practices. Due to the increased…

Software Engineering · Computer Science 2023-06-21 Feiyang Tang , Bjarte M. Østvold , Magiel Bruntink

Context: Writing Clean Code understandable by other collaborators has become crucial to enhancing collaboration and productivity. However, very little is known regarding whether developers agree with Clean Code Principles and how they apply…

Software Engineering · Computer Science 2022-08-16 Kevin Ljung , Javier Gonzalez-Huerta

Software vulnerabilities, caused by unintentional flaws in source code, are a primary root cause of cyberattacks. Static analysis of source code has been widely used to detect these unintentional defects introduced by software developers.…

Software Engineering · Computer Science 2024-08-08 Andrew A Mahyari

Psychological safety refers to the belief that team members can speak up or make mistakes without fear of negative consequences. While it is recognized as important in traditional software teams, its role in open-source software development…

Software Engineering · Computer Science 2026-05-18 Emeralda Sesari , Federica Sarro , Ayushi Rastogi

This paper illustrates an empirical study of the working efficiency of machine learning techniques in classifying code review text by semantic meaning. The code review comments from the source control repository in GitHub were extracted for…

Software Engineering · Computer Science 2025-08-25 Shadikur Rahman , Umme Ayman Koana , Hasibul Karim Shanto , Mahmuda Akter , Chitra Roy , Aras M. Ismael

While smart contracts are foundational elements of blockchain applications, their inherent susceptibility to security vulnerabilities poses a significant challenge. Existing training datasets employed for vulnerability detection tools may…

Cryptography and Security · Computer Science 2024-10-31 Cuong Tran Manh , Hieu Dinh Vo

Code reviews are a critical yet time-consuming aspect of modern software development, increasingly challenged by growing system complexity and the demand for faster delivery. This paper presents a study conducted at WirelessCar Sweden AB,…

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger

The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the…

Cryptography and Security · Computer Science 2013-06-03 Simon Miller , Susan Appleby , Jonathan M. Garibaldi , Uwe Aickelin

Background: Code reviewing is an essential part of software development to ensure software quality. However, the abundance of review tasks and the intensity of the workload for reviewers negatively impact the quality of the reviews. The…

Software Engineering · Computer Science 2022-07-26 Shadikur Rahman , Umme Ayman Koana , Maleknaz Nayebi

When writing software code, developers typically prioritise functionality over security, either consciously or unconsciously through biases and heuristics. This is often attributed to tangible pressures such as client requirements, but…

Software Engineering · Computer Science 2022-05-10 Matthew Ivory

Reading code is an essential activity in software maintenance and evolution. Several studies with human subjects have investigated how different factors, such as the employed programming constructs and naming conventions, can impact code…

Software Engineering · Computer Science 2021-10-05 Delano Oliveira , Reydne Bruno , Fernanda Madeiral , Fernando Castor

Many software projects employ manual code review to gatekeep defects and vulnerabilities in the code before integration. However, reviewers often work under time pressure and rely primarily on static inspection, leaving the dynamic aspects…

Software Engineering · Computer Science 2025-10-20 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

The security attitudes and approaches of software developers have a large impact on the software they produce, yet we know very little about how and when these views are constructed. This paper investigates the security and privacy (S&P)…

Cryptography and Security · Computer Science 2021-03-30 Mohammad Tahaei , Adam Jenkins , Kami Vaniea , Maria Wolters

Identifying the software weaknesses exploited by attacks supports efforts to reduce developer introduction of vulnerabilities and to guide security code review efforts. A weakness is a bug or fault type that can be exploited through an…

Cryptography and Security · Computer Science 2024-05-03 Peter Mell , Irena Bojanova , Carlos Galhardo

Scientific progress in NLP rests on the reproducibility of researchers' claims. The *CL conferences created the NLP Reproducibility Checklist in 2020 to be completed by authors at submission to remind them of key information to include. We…

Computation and Language · Computer Science 2023-06-19 Ian Magnusson , Noah A. Smith , Jesse Dodge

Does the act of writing a specification (how the code should behave) for a piece of security sensitive code lead to developers producing more secure code? We asked 138 developers to write a snippet of code to store a password: Half of them…

Cryptography and Security · Computer Science 2021-02-22 Joseph Hallett , Nikhil Patnaik , Benjamin Shreeve , Awais Rashid

Code review is a critical practice in modern software engineering, helping developers detect defects early, improve code quality, and facilitate knowledge sharing. With the rapid advancement of large language models (LLMs), a growing body…

Software Engineering · Computer Science 2026-02-17 Taufiqul Islam Khan , Shaowei Wang , Haoxiang Zhang , Tse-Hsun Chen

Recently, workforce shortage has become a popular issue in information technology (IT). One solution to increasing the workforce supply is to increase the number of female IT professionals. This is because there is gender imbalance in…

Software Engineering · Computer Science 2022-09-09 Yuriko Takatsuka , Yukasa Murakami , Masateru Tsunoda , Masahide Nakamura

With the urgent need to secure supply chains among Open Source libraries, attention has focused on mitigating vulnerabilities detected in these libraries. Although awareness has improved recently, most studies still report delays in the…

Software Engineering · Computer Science 2024-06-18 Ruksit Rojpaisarnkit , Hathaichanok Damrongsiri , Christoph Treude , Ali Ouni , Raula Gaikovina Kula