English
Related papers

Related papers: Compliance as Code: A Study of Linux Distributions…

200 papers

Open source licenses create a legal framework that plays a crucial role in the widespread adoption of open source projects. Without a license, any source code available on the internet could not be openly (re)distributed. Although recent…

Software Engineering · Computer Science 2020-12-10 João Pedro Moraes , Ivanilton Polato , Igor Wiese , Filipe Saraiva , Gustavo Pinto

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric

Continuous integration (CI) tools integrate code changes by automatically compiling, building, and executing test cases upon submission of code changes. Use of CI tools is getting increasingly popular, yet how proprietary projects reap the…

Software Engineering · Computer Science 2018-09-17 Akond Rahman , Amritanshu Agrawal , Rahul Krishna , Alexander Sobran

Peer code review has been found to be effective in identifying security vulnerabilities. However, despite practicing mandatory code reviews, many Open Source Software (OSS) projects still encounter a large number of post-release security…

Software Engineering · Computer Science 2021-02-16 Rajshakhar Paul , Asif Kamal Turzo , Amiangshu Bosu

To fork a project is to copy the existing code base and move in a direction different than that of the erstwhile project leadership. Forking provides a rapid way to address new requirements by adapting an existing solution. However, it can…

Software Engineering · Computer Science 2010-04-19 Neil A. Ernst , Steve Easterbrook , John Mylopoulos

Code cloning is an important software engineering aspect. It is a common software reuse principle that consists of duplicating source code within a program or across different systems owned or maintained by the same entity. There are…

Software Engineering · Computer Science 2015-04-30 Oualid El Halimi , Trith Patel , Zohaib S. Kiyani , Naresh. Kumar , Ankit Singh

Code churn refers to the measure of the amount of code added, modified, or deleted in a project and is often used to assess codebase stability and maintainability. Program comprehension or how understandable the changes are, is equally…

Software Engineering · Computer Science 2024-10-10 Ani Hovhannisyan , Youmei Fan , Gema Rodriguez-Perez , Raula Gaikovina Kula

A number of software foundations have been created as legal instruments to better articulate the structure, collaboration and financial model of Open Source Software (OSS) projects. Some examples are the Apache, Linux, or Mozilla…

Software Engineering · Computer Science 2020-05-21 Javier Luis Cánovas Izquierdo , Jordi Cabot

Compliance of organizations with internal and external norms is a highly relevant topic for both practitioners and academics nowadays. However, the substantive, elementary compliance tactics that organizations can use for achieving internal…

Computers and Society · Computer Science 2020-08-11 Ralph Foorthuis

Integrating third-party software components is a common practice in modern software development, offering significant advantages in terms of efficiency and innovation. However, this practice is fraught with risks related to software…

Software Engineering · Computer Science 2025-07-11 Boyuan Li , Chengwei Liu , Lingling Fan , Sen Chen , Zhenlin Zhang , Zheli Liu

Background: Everything as Code (EaC) is an emerging paradigm aiming to codify all aspects of modern software systems. Despite its growing popularity, comprehensive industry standards and peer-reviewed research clarifying its scope and…

Software Engineering · Computer Science 2025-07-08 Haoran Wei , Nazim Madhavji , John Steinbacher

Mini-app is an emerging form of mobile application that combines web technology with native capabilities. Its features, e.g., no need to download and no installation, have made it popular rapidly. However, privacy issues that violate the…

Cryptography and Security · Computer Science 2023-02-28 Yin Wang , Ming Fan , Junfeng Liu , Junjie Tao , Wuxia Jin , Qi Xiong , Yuhao Liu , Qinghua Zheng , Ting Liu

Patch reviewing is critical for software development, especially in distributed open-source development, which highly depends on voluntary work, such as Linux. This paper studies the past 10 years of patch reviews of the Linux memory…

Software Engineering · Computer Science 2026-03-27 Chih-En Lin , Attreyee Mukherjee , Ajay Rawat , Ruqi Zhang , Pedro Fonseca

The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the widespread availability of libraries and frameworks that provide many functionalities. Developers…

Software Engineering · Computer Science 2022-06-22 Stan Zajdel , Diego Elias Costa , Hafedh Mili

Some approaches to increasing program reliability involve a disciplined use of programming languages so as to minimise the hazards introduced by error-prone features. This is realised by writing code that is constrained to a subset of the a…

Programming Languages · Computer Science 2007-11-06 Guillem Marpons-Ucero , Julio Mariño , Ángel Herranz , Lars-Åke Fredlund , Manuel Carro , Juan José Moreno-Navarro

A controller -- a software module managing hardware behavior -- is a key component of a typical robot system. While control theory gives safety guarantees for standard controller designs, the practical implementation of controllers in…

Software Engineering · Computer Science 2026-02-05 Nils Chur , Thorsten Berger , Einar Broch Johnsen , Andrzej Wąsowski

It is challenging to verify that the planned security mechanisms are actually implemented in the software. In the context of model-based development, the implemented security mechanisms must capture all intended security properties that…

Software Engineering · Computer Science 2022-03-21 Katja Tuma , Sven Peldszus , Daniel Strüber , Riccardo Scandariato , Jan Jürjens

Consistency is one of the keys to maintainable source code and hence a successful software project. We propose a novel method of extracting the intent of programmers from source code of a large project (~300kLOC) and checking the semantic…

Software Engineering · Computer Science 2022-03-21 Yusuke Shinyama , Yoshitaka Arahori , Katsuhiko Gondow

This paper presents a unified framework for evaluating Linux security hardening on the FABRIC testbed through aggregation of heterogeneous security auditing tools. We deploy three Ubuntu 22.04 nodes configured at baseline, partial, and full…

Cryptography and Security · Computer Science 2026-01-06 Sheldon Paul , Izzat Alsmadi

Automatic testing is a widely adopted technique for improving software quality. Software developers add, remove and update test methods and test classes as part of the software development process as well as during the evolution phase,…

Software Engineering · Computer Science 2017-09-27 Stanislav Levin , Amiram Yehudai