English
Related papers

Related papers: Elevating Software Trust: Unveiling and Quantifyin…

200 papers

Existing safety evaluation methods for large language models (LLMs) suffer from inherent limitations, including evaluator bias and detection failures arising from model homogeneity, which collectively undermine the robustness of risk…

Artificial Intelligence · Computer Science 2025-10-24 Xiuyuan Chen , Jian Zhao , Yuchen Yuan , Tianle Zhang , Huilin Zhou , Zheng Zhu , Ping Hu , Linghe Kong , Chi Zhang , Weiran Huang , Xuelong Li

Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable…

Software Engineering · Computer Science 2014-07-23 Gabriele Modena

We introduce a framework for Foundational Analysis of Safety Engineering Requirements (SAFER), a model-driven methodology supported by Generative AI to improve the generation and analysis of safety requirements for complex safety-critical…

Software Engineering · Computer Science 2026-01-13 Noga Chemo , Yaniv Mordecai , Yoram Reich

The exponential growth of Common Vulnerabilities and Exposures (CVE) disclosures poses significant challenges for enterprise security management, necessitating automated and quantitative risk assessment methodologies. Existing vulnerability…

Cryptography and Security · Computer Science 2026-04-09 Wanru Shao

Secure development process is a procedure taken by developers to ensure the programs developed are following the general security standards and will always be up to date so that the outcomes are well secured and obedient. As a software…

Software Engineering · Computer Science 2020-12-22 Abdul Hadi bin Abdul Rahman , Abdullah Nazir , Kim Tae Hyun , Tan Horng Yarng , Fatima-tuz-Zahra

In this paper, we present a novel data-driven approach to quantify safety for non-linear, discrete-time stochastic systems with unknown noise distribution. We define safety as the probability that the system remains in a given region of the…

Systems and Control · Electrical Eng. & Systems 2024-10-10 Frederik Baymler Mathiesen , Licio Romao , Simeon C. Calvert , Luca Laurenti , Alessandro Abate

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

Threats targeting cyberspace are becoming more prominent and intelligent day by day. This inherently leads to a dire demand for continuous security validation and testing. Using this paper, we aim to provide a holistic and precise security…

Cryptography and Security · Computer Science 2021-08-17 Hardik Manocha , Akash Srivastava , Chetan Verma , Ratan Gupta , Bhavya Bansal

In this paper, we present a unified framework for decision making under uncertainty. Our framework is based on the composite of two risk measures, where the inner risk measure accounts for the risk of decision given the exact distribution…

Optimization and Control · Mathematics 2015-01-07 Pengyu Qian , Zizhuo Wang , Zaiwen Wen

Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance…

Cryptography and Security · Computer Science 2025-07-10 Sarah Ali Siddiqui , Chandra Thapa , Derui Wang , Rayne Holland , Wei Shao , Seyit Camtepe , Hajime Suzuki , Rajiv Shah

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger

Most safety testing efforts for large language models (LLMs) today focus on evaluating foundation models. However, there is a growing need to evaluate safety at the application level, as components such as system prompts, retrieval…

Software Engineering · Computer Science 2025-07-15 Jia Yi Goh , Shaun Khoo , Nyx Iskandar , Gabriel Chua , Leanne Tan , Jessica Foo

The prevalence of software systems has become an integral part of modern-day living. Software usage has increased significantly, leading to its growth in both size and complexity. Consequently, software development is becoming a more…

Software Engineering · Computer Science 2023-06-07 Tiago Dias , Arthur Batista , Eva Maia , Isabel Praça

Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of…

Software Engineering · Computer Science 2016-12-12 Asim Abdulkhaleq , Stefan Wagner , Nancy Leveson

Context: Software testability is the degree to which a software system or a unit under test supports its own testing. To predict and improve software testability, a large number of techniques and metrics have been proposed by both…

Software Engineering · Computer Science 2018-12-07 Vahid Garousi , Michael Felderer , Feyza Nur Kilicaslan

When developing a safety-critical system it is essential to obtain an assessment of different design alternatives. In particular, an early safety assessment of the architectural design of a system is desirable. In spite of the plethora of…

Software Engineering · Computer Science 2011-07-07 Florian Leitner-Fischer , Stefan Leue

Context: Recent software engineering (SE) research has highlighted the need for sociotechnical research, implying a demand for customized psychometric scales. Objective: We define the concepts of technical and sociotechnical infrastructure…

Advanced AI systems offer substantial benefits but also introduce risks. In 2025, AI-enabled cyber offense has emerged as a concrete example. This technical report applies a quantitative risk modeling methodology (described in full in a…

Embedded Systems (ES) development has been historically focused on functionality rather than security, and today it still applies in many sectors and applications. However, there is an increasing number of security threats over ES, and a…

Cryptography and Security · Computer Science 2021-12-13 Ángel Longueira-Romero , Rosa Iglesias , David Gonzalez , Iñaki Garitano

Scoring systems, as a type of predictive model, have significant advantages in interpretability and transparency and facilitate quick decision-making. As such, scoring systems have been extensively used in a wide variety of industries such…

Machine Learning · Computer Science 2022-11-23 Yi Yang , Ying Wu , Mei Li , Xiangyu Chang , Yong Tan