English
Related papers

Related papers: Security Debt in Practice: Nuanced Insights from P…

200 papers

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

Technical Debt, considered by many to be the 'silent killer' of software projects, has undeniably become part of the everyday vocabulary of software engineers. We know it compromises the internal quality of a system, either deliberately or…

The Department of Homeland Security in the United States estimates that 90% of software vulnerabilities can be traced back to defects in design and software coding. The financial impact of these vulnerabilities has been shown to exceed 380…

Software Engineering · Computer Science 2021-02-11 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Daniel Mendez

In recent years, the number of cyber attacks has grown rapidly. An effective way to reduce the attack surface and protect software is adoption of methodologies that apply security at each step of the software development lifecycle. While…

Cryptography and Security · Computer Science 2023-07-06 Arina Kudriavtseva , Olga Gadyatskaya

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct…

Software Engineering · Computer Science 2020-12-15 Alya Hannah Ahmad Kamal , Caryn Chuah Yi Yen , Gan Jia Hui , Pang Sze Ling , Fatima-tuz-Zahra

Smart contracts have been plagued by security incidents, which resulted in substantial financial losses. Given numerous research efforts in addressing the security issues of smart contracts, we wondered how software practitioners build…

Software Engineering · Computer Science 2021-03-30 Zhiyuan Wan , Xin Xia , David Lo , Jiachi Chen , Xiapu Luo , Xiaohu Yang

To avoid software vulnerabilities, organizations are shifting security to earlier stages of the software development, such as at code review time. In this paper, we aim to understand the developers' perspective on assessing software…

Software Engineering · Computer Science 2022-08-09 Larissa Braz , Alberto Bacchelli

When writing software code, developers typically prioritise functionality over security, either consciously or unconsciously through biases and heuristics. This is often attributed to tangible pressures such as client requirements, but…

Software Engineering · Computer Science 2022-05-10 Matthew Ivory

Software has become an integral part of everyday life. Everyday, millions of people perform transaction through internet, ATM, mobile phone, they send email and Egreetings, and use word processing and spreadsheet for various purpose. People…

Software Engineering · Computer Science 2009-11-04 C. Banerjee , S. K. Pandey

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

Software security requirements have been traditionally considered as a non-functional attribute of the software. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to…

Software Engineering · Computer Science 2023-10-24 Asif Imran

Software development industries are increasingly adopting containers to enhance the scalability and flexibility of software applications. Security in containerized projects is a critical challenge that can lead to data breaches and…

Software Engineering · Computer Science 2025-04-11 Maha Sroor , Rahul Mohanani , Ricardo Colomo-Palacios , Sandun Dasanayake , Tommi Mikkonen

Secure software is a cornerstone to safe and resilient digital ecosystems. It offers strong foundation to protect users' sensitive data and guard against cyber-threats. The rapidly increasing landscape of digital economy has encouraged…

Cryptography and Security · Computer Science 2023-07-13 Irum Rauf , Tamara Lopez , Thein Tun , Marian Petre , Bashar Nuseibeh

Context: Contemporary software development is typically conducted in dynamic, resource-scarce environments that are prone to the accumulation of technical debt. While this general phenomenon is acknowledged, what remains unknown is how…

Safety-critical software systems are those whose failure or malfunction could result in casualty and/or serious financial loss. In such systems, safety assurance cases (SACs) are an emerging approach that adopts a proactive strategy to…

Software Engineering · Computer Science 2018-03-23 Jinghui Cheng , Micayla Goodrum , Ronald Metoyer , Jane Cleland-Huang

Software needs to be secure, in particular, when deployed to critical infrastructures. Secure coding guidelines capture practices in industrial software engineering to ensure the security of code. This study aims to assess the level of…

Software Engineering · Computer Science 2021-01-07 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Daniel Mendez Fernandez

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Self-Admitted Technical Debt (SATD) encompasses a wide array of sub-optimal design and implementation choices reported in software artefacts (e.g., code comments and commit messages) by developers themselves. Such reports have been central…

Software Engineering · Computer Science 2024-03-05 Nicolás E. Díaz Ferreyra , Mojtaba Shahin , Mansooreh Zahedi , Sodiq Quadri , Ricardo Scandariato

During software development, balancing security and non security issues is challenging. We focus on security awareness and approaches taken by non-security experts using software development issue trackers when considering security. We…

Software Engineering · Computer Science 2023-08-28 Léon McGregor , Manuel Maarek , Hans-Wolfgang Loidl

Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…

Software Engineering · Computer Science 2025-09-30 Kevin Hermann , Sven Peldszus , Jan-Philipp Steghöfer , Thorsten Berger
‹ Prev 1 2 3 10 Next ›