English
Related papers

Related papers: How far are German companies in improving security…

200 papers

The damage caused by cybercrime makes the development of secure software inevitable. Although many tools and frameworks exist to support the development of secure software, statistics on cybercrime show no improvement in recent years. To…

Software Engineering · Computer Science 2025-12-09 Alex R. Mattukat , Timo Langstrof , Horst Lichter

The mass production of complex software has made it impossible to manually test it for security vulnerabilities. Automated security testing tools come in a variety of flavors, function at various stages of software development, and target…

Software Engineering · Computer Science 2023-01-18 Yan Wu , Jingyi Su , David D. Moran , Chris D. Near

Static analyzers are tool sets which are proving to be indispensable to modern programmers. These enable the programmers to detect possible errors and security defects present in the current code base within the implementation phase of the…

Software Engineering · Computer Science 2019-05-14 Eljose E Sajan , Yunpeng Zhang , Liang-Chieh Cheng

The demand for automated security analysis techniques, such as static analysis based security testing (SAST) tools continues to increase. To develop SASTs that are effectively leveraged by developers for finding vulnerabilities, researchers…

Cryptography and Security · Computer Science 2024-06-21 Amit Seal Ami , Kevin Moran , Denys Poshyvanyk , Adwait Nadkarni

Just like other software, spreadsheets can contain significant faults. Static analysis is an accepted and well-established technique in software engineering known for its capability to discover faults. In recent years, a growing number of…

Software Engineering · Computer Science 2014-01-30 Daniel Kulesz , Jan-Peter Ostberg

These days, software development and security go hand in hand. Numerous techniques and strategies are discussed in the literature that can be applied to guarantee the incorporation of security into the software development process. In this…

Cryptography and Security · Computer Science 2024-03-29 Timo Langstrof , Alex R. Sabau

In recent years, the World Economic Forum has identified software security as the most significant technological risk to the world's population, as software-intensive systems process critical data and provide critical services. This raises…

Software Engineering · Computer Science 2021-08-27 Stefan Dziwok , Thorsten Koch , Sven Merschjohann , Boris Budweg , Sebastian Leuer

Static Application Security Testing (SAST) is a popular quality assurance technique in software engineering. However, integrating SAST tools into industry-level product development and security assessment poses various technical and…

Software Engineering · Computer Science 2021-03-25 Anh Nguyen-Duc , Manh Viet Do , Quan Luong Hong , Kiem Nguyen Khac

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses…

Cryptography and Security · Computer Science 2026-02-23 Kevin Hermann , Sven Peldszus , Thorsten Berger

Today's small and medium-sized enterprises (SMEs) in the software industry are faced with major challenges. While having to work efficiently using limited resources they have to perform quality assurance on their code to avoid the risk of…

Software Engineering · Computer Science 2016-11-24 Mario Gleirscher , Dmitriy Golubitskiy , Maximilian Irlbeck , Stefan Wagner

Background: Agile software development has become a popular way of developing software. Scrum is the most frequently used agile framework, but it is often reported to be adapted in practice. Objective: Thus, we aim to understand how Scrum…

Software Engineering · Computer Science 2017-03-31 Philipp Diebold , Jan-Peter Ostberg , Stefan Wagner , Ulrich Zendler

Context: Today's safety critical systems are increasingly reliant on software. Software becomes responsible for most of the critical functions of systems. Many different safety analysis techniques have been developed to identify hazards of…

Software Engineering · Computer Science 2016-12-02 Asim Abdulkhaleq , Stefan Wagner

Generative artificial intelligence (GenAI) tools have seen rapid adoption among software developers. While adoption rates in the industry are rising, the underlying factors influencing the effective use of these tools, including the depth…

Software Engineering · Computer Science 2026-01-26 Ludwig Felder , Tobias Eisenreich , Mahsa Fischer , Stefan Wagner , Chunyang Chen

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

It is quite common for security testing to be delayed until after the software has been developed, but vulnerabilities may get noticed throughout the implementation phase and the earlier they are discovered, the easier and cheaper it will…

Software Engineering · Computer Science 2018-05-25 Rahma Mahmood , Qusay H. Mahmoud

Context: Software code review aims to early find code anomalies and to perform code improvements when they are less expensive. However, issues and challenges faced by developers who do not apply code review practices regularly are unclear.…

Software Engineering · Computer Science 2020-08-04 Marcos Dosea , Claudio Sant'Anna , Ythanna Oliveira , Methanias Colaco Junior

Software security has been an important research topic over the years. The community has proposed processes and tools for secure software development and security analysis. However, a significant number of vulnerabilities remains in…

Software Engineering · Computer Science 2024-06-07 Steven Arzt , Linda Schreiber , Dominik Appelt

Many software products are composed of components integrated from other teams or external parties. Each additional link in a software product's supply chain increases the risk of the injection of malicious behavior. To improve supply chain…

Software Engineering · Computer Science 2025-03-31 Kelechi G. Kalu , Tanya Singla , Chinenye Okafor , Santiago Torres-Arias , James C. Davis

Without quantitative data, deciding whether and how to use static analysis in a development workflow is a matter of expert opinion and guesswork rather than an engineering trade-off. Moreover, relevant data collected under real-world…

Software Engineering · Computer Science 2020-03-09 William R. Nichols
‹ Prev 1 2 3 10 Next ›