English
Related papers

Related papers: Towards Immediate Feedback for Security Relevant C…

200 papers

Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security…

Software Engineering · Computer Science 2020-12-25 Ariessa Davaindran Lingham , Nelson Tang Kwong Kin , Chen Wan Jing , Chong Heng Loong , Fatima-tuz-Zahra

This study investigates vulnerabilities in dependencies of sampled open-source software (OSS) projects, the relationship between these and overall project security, and how developers' behaviors and practices influence their mitigation.…

Cryptography and Security · Computer Science 2024-08-27 Janislley Oliveira de Sousa , Bruno Carvalho de Farias , Eddie Batista de Lima Filho , Lucas Carvalho Cordeiro

Developers use different means to document the security concerns of their code. Because of all of these opportunities, they may forget where the information is stored, or others may not be aware of it, and leave it unmaintained for so long…

Software Engineering · Computer Science 2025-01-15 Moritz Mock , Thomas Forrer , Barbara Russo

Android is the most used Operating System worldwide for mobile devices, with hundreds of thousands of apps downloaded daily. Although these apps are primarily written in Java and Kotlin, advanced functionalities such as graphics or…

Cryptography and Security · Computer Science 2024-12-03 Silvia Lucia Sanna , Diego Soi , Davide Maiorca , Giorgio Fumera , Giorgio Giacinto

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

As software development practices increasingly adopt AI-powered tools, ensuring that such tools can support secure coding has become critical. This study evaluates the effectiveness of GitHub Copilot's recently introduced code review…

Software Engineering · Computer Science 2025-09-18 Amena Amro , Manar H. Alalfi

The increasing demand for programmers has led to a surge in participants in programming courses, making it increasingly challenging for instructors to assess student code manually. As a result, automated programming assessment systems…

Software Engineering · Computer Science 2025-03-18 Eduard Frankford , Daniel Crazzolara , Michael Vierhauser , Niklas Meissner , Stephan Krusche , Ruth Breu

Effective software testing is critical for producing reliable and secure software, yet many computer science students struggle to master the foundational concepts required to construct comprehensive test suites. While automated feedback…

Software Engineering · Computer Science 2025-10-02 Shiza Andleeb , Teo Mendoza , Lucas Cordova , Gursimran Walia , Jeffrey C. Carver

Many industrial software development processes today have to comply with security standards such as the IEC~62443-4-1. These standards, written in natural language, are ambiguous and complex to understand. This is especially true for…

Software Engineering · Computer Science 2021-05-31 Fabiola Moyón , Daniel Méndez , Kristian Beckers , Sebastian Klepper

With the emergence of the Node.js ecosystem, JavaScript has become a widely-used programming language for implementing server-side web applications. In this paper, we present the first empirical study of static code analysis tools for…

Cryptography and Security · Computer Science 2023-08-07 Tiago Brito , Mafalda Ferreira , Miguel Monteiro , Pedro Lopes , Miguel Barros , José Fragoso Santos , Nuno Santos

We present the Code Documentation and Analysis Tool (CoDAT). CoDAT is a tool designed to maintain consistency between the various levels of code documentation, e.g. if a line in a code sketch is changed, the comment that documents the…

Software Engineering · Computer Science 2024-07-17 Paul Attie , Anas Obeidat , Nathaniel Oh , Ian Yelle

With the increasing adoption of Continuous Integration and Continuous Deployment pipelines, securing software supply chains has become a critical challenge for modern DevOps teams. This study addresses these challenges by applying a…

Software Engineering · Computer Science 2025-06-10 Sowmiya Dhandapani

Integrated development environments (IDE) play an important role in supporting developers during program comprehension and completion. Many of these supportive features focus on low-level programming and debugging activities. Unfortunately,…

Software Engineering · Computer Science 2021-05-20 Ali Shokri , Mehdi Mirakhorli

Bug fixing is a complex and time-consuming task in software development. Bug localization research tends to focus on the accuracy of automated tools that suggest source code files for developers to look at. However, little is known about…

Software Engineering · Computer Science 2026-05-07 Pablo Diaz Pedreira , Tamara Lopez , Michel Wermelinger

The increasing use of Infrastructure as Code (IaC) in DevOps leads to benefits in speed and reliability of deployment operation, but extends to infrastructure challenges typical of software systems. IaC scripts can contain defects that…

Software Engineering · Computer Science 2022-06-22 Michele Chiari , Michele De Pascalis , Matteo Pradella

The use of blockchain and smart contracts have not stopped growing in recent years. Like all software that begins to expand its use, it is also beginning to be targeted by hackers who will try to exploit vulnerabilities in both the…

Cryptography and Security · Computer Science 2024-02-07 Antonio López Vivar , Ana Lucila Sandoval Orozco , Luis Javier García Villalba

Recent trends in the software development practices (Agile, DevOps, CI) have shortened the development life-cycle causing the need for efficient security-by-design approaches. In this context, software architectures are analyzed for…

Software Engineering · Computer Science 2019-06-06 Katja Tuma , Danial Hosseini , Kyriakos Malamas , Riccardo Scandariato

Python is one of the most popular programming languages; as such, projects written in Python involve an increasing number of diverse security vulnerabilities. However, existing state-of-the-art analysis tools for Python only support a few…

Software Engineering · Computer Science 2026-01-22 Yoann Marquer , Domenico Bianculli , Lionel C. Briand

Knowing what sensitive resources a dependency could potentially access would help developers assess the risk of a dependency before selection. One way to get an understanding of the potential sensitive resource usage by a dependency is…

Cryptography and Security · Computer Science 2025-03-19 Imranur Rahman , Ranidya Paramitha , Henrik Plate , Dominik Wermke , Laurie Williams

Background: Despite the widespread use of automated security defect detection tools, software projects still contain many security defects that could result in serious damage. Such tools are largely context-insensitive and may not cover all…

Software Engineering · Computer Science 2023-07-06 Jiaxin Yu , Liming Fu , Peng Liang , Amjed Tahir , Mojtaba Shahin