English
Related papers

Related papers: Towards Immediate Feedback for Security Relevant C…

200 papers

Rust, a popular systems-level programming language, has garnered widespread attention due to its features of achieving run-time efficiency and memory safety. With an increasing number of real-world projects adopting Rust, understanding how…

Software Engineering · Computer Science 2024-12-20 Mohan Cui , Penglei Mao , Shuran Sun , Yangfan Zhou , Hui Xu

Effective collaboration is a key factor in the success of a software project developed by a team. In this work, we suggest the approach of Synchronized Software Development (SSD), which promotes a new mechanism of collaboration in general,…

Software Engineering · Computer Science 2015-04-29 Stanislav Levin , Amiram Yehudai

The ongoing shortage of skilled developers, particularly in security-critical software development, has led organizations to increasingly adopt AI-powered development tools to boost productivity and reduce reliance on limited human…

Software Engineering · Computer Science 2026-03-18 Nadine Jost , Benjamin Berens , Manuel Karl , Stefan Albert Horstmann , Martin Johns , Alena Naiakshina

Enabling fully automated testing of mobile applications has recently become an important topic of study for both researchers and practitioners. A plethora of tools and approaches have been proposed to aid mobile developers both by…

Software Engineering · Computer Science 2018-01-22 Mario Linares Vasquez , Carlos Bernal-Cardenas , Kevin Moran , Denys Poshyvanyk

Security issue reports are the primary means of informing development teams of security risks in projects, but little is known about current practices. We aim to understand the characteristics of these reports in open-source projects and…

Cryptography and Security · Computer Science 2021-12-21 Noah Bühlmann , Mohammad Ghafari

Security is an important quality of software systems, but there is a huge lack of security experts. To overcome this gap, we aim to make security design knowledge reusable for architects by proposing the SecuRe recommendation approach to…

Software Engineering · Computer Science 2025-01-28 Alex R. Sabau , Dominik Lammers , Horst Lichter

Self-Admitted Technical Debt (SATD) refers to instances where developers knowingly introduce suboptimal solutions into code and document them, often through textual artifacts. This paper provides a comprehensive state-of-practice report on…

Software Engineering · Computer Science 2025-03-20 Edi Sutoyo , Andrea Capiluppi

The use of open-source software (OSS) is ever-increasing, and so is the number of open-source vulnerabilities being discovered and publicly disclosed. The gains obtained from the reuse of community-developed libraries may be offset by the…

Cryptography and Security · Computer Science 2025-03-18 Serena E. Ponta , Henrik Plate , Antonino Sabetta

Formal verification of software is a bit of a niche activity: it is only applied to the most safety-critical or security-critical software and it is typically only performed by specialized verification engineers. This paper considers…

Logic in Computer Science · Computer Science 2020-11-02 Alastair Reid , Luke Church , Shaked Flur , Sarah de Haas , Maritza Johnson , Ben Laurie

With software systems permeating our lives, we are entitled to expect that such systems are secure by design, and that such security endures throughout the use of these systems and their subsequent evolution. Although adaptive security…

Cryptography and Security · Computer Science 2023-06-08 Liliana Pasquale , Kushal Ramkumar , Wanling Cai , John McCarthy , Gavin Doherty , Bashar Nuseibeh

Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities in software. Prior…

Cryptography and Security · Computer Science 2017-09-29 Na Meng , Stefan Nagy , Daphne Yao , Wenjie Zhuang , Gustavo Arango Argoty

Software development teams establish elaborate continuous integration pipelines containing automated test cases to accelerate the development process of software. Automated tests help to verify the correctness of code modifications…

Software Engineering · Computer Science 2023-12-05 Chidera Biringa , Gokhan Kul

Motivation: Technical debt is a metaphor that describes not-quite-right code introduced for short-term needs. Developers are aware of it and admit it in source code comments, which is called Self- Admitted Technical Debt (SATD). Therefore,…

Software Engineering · Computer Science 2023-12-05 Moritz Mock

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them result in overall project failure due to incorrect or missing quality characteristics such as security. There are…

Software Engineering · Computer Science 2019-06-28 H. Villamizar , A. A. Neto , M. Kalinowski , A. Garcia , D. Mendez Fernández

These days, software development and security go hand in hand. Numerous techniques and strategies are discussed in the literature that can be applied to guarantee the incorporation of security into the software development process. In this…

Cryptography and Security · Computer Science 2024-03-29 Timo Langstrof , Alex R. Sabau

Embedded systems in safety-critical environments are continuously required to deliver more performance and functionality, while expected to provide verified safety guarantees. Nonetheless, platform-wide software verification (required for…

Systems and Control · Computer Science 2017-05-09 Fardin Abdi , Renato Mancuso , Rohan Tabish , Marco Caccamo

In the rapidly evolving landscape of software engineering, the demand for robust and secure systems has become increasingly critical. This is especially true for self-adaptive systems due to their complexity and the dynamic environments in…

Cryptography and Security · Computer Science 2026-04-07 Irdin Pekaric , Raffaela Groner , Alexander Raschke , Thomas Witte , Jubril Gbolahan Adigun , Michael Felderer , Matthias Tichy

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming…

Cryptography and Security · Computer Science 2018-12-11 Pascal Gadient , Mohammad Ghafari , Patrick Frischknecht , Oscar Nierstrasz

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming (OOP)…

Software Engineering · Computer Science 2025-09-10 Mterorga Ukor

Reviewing source code from a security perspective has proven to be a difficult task. Indeed, previous research has shown that developers often miss even popular and easy-to-detect vulnerabilities during code review. Initial evidence…

Software Engineering · Computer Science 2022-02-15 Larissa Braz , Christian Aeberhard , Gül Çalikli , Alberto Bacchelli