Operational disruption in healthcare associated with software functionality issue due to software security patching: a case report. [PDF]
Front Digit HealthDespite many benefits, the extensive deployment of Health Information Technology (HIT) systems by healthcare organizations has encountered many challenges, particularly in the field of telemetry concerning patient monitoring and its operational workflow.
Jabin MSR.
europepmc +2 more sources
The FormAI Dataset: Generative AI in Software Security through the Lens of Formal Verification [PDF]
International Conference on Predictive Models in Software Engineering, 2023 This paper presents the FormAI dataset, a large collection of 112,000 AI-generated compilable and independent C programs with vulnerability classification.
Norbert Tihanyi +5 more
semanticscholar +1 more source
Characterizing and Understanding Software Security Vulnerabilities in Machine Learning Libraries [PDF]
IEEE Working Conference on Mining Software Repositories, 2022 The application of machine learning (ML) libraries has tremendously increased in many domains, including autonomous driving systems, medical, and critical industries. Vulnerabilities of such libraries could result in irreparable consequences.
Nima Shiri Harzevili +3 more
semanticscholar +1 more source
Do Software Security Practices Yield Fewer Vulnerabilities? [PDF]
2023 IEEE/ACM 45th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), 2022 Due to the ever-increasing number of security breaches, practitioners are motivated to produce more secure software. In the United States, the White House Office released a memorandum on Executive Order (EO) 14028 that mandates organizations provide self-
Nusrat Zahan +3 more
semanticscholar +1 more source
Software security during modern code review: the developer’s perspective [PDF]
ESEC/SIGSOFT FSE, 2022 To avoid software vulnerabilities, organizations are shifting security to earlier stages of the software development, such as at code review time. In this paper, we aim to understand the developers’ perspective on assessing software security during code ...
Larissa Braz, Alberto Bacchelli
semanticscholar +1 more source
DASP: A Framework for Driving the Adoption of Software Security Practices [PDF]
IEEE Transactions on Software Engineering, 2022 Implementing software security practices is a critical concern in modern software development. Industry practitioners, security tool providers, and researchers have provided standard security guidelines and sophisticated security development tools to ...
Enrique Larios-Vargas +5 more
semanticscholar +1 more source
On the combination of static analysis for software security assessment - a case study of an open-source e-government project [PDF]
Advances in Science, Technology and Engineering Systems, 2021 Static Application Security Testing (SAST) is a popular quality assurance technique in software engineering. However, integrating SAST tools into industry-level product development and security assessment poses various technical and managerial challenges.
Anh Nguyen-Duc +3 more
semanticscholar +1 more source
Space Odyssey: An Experimental Software Security Analysis of Satellites
IEEE Symposium on Security and Privacy, 2023 Satellites are an essential aspect of our modern society and have contributed significantly to the way we live today, most notable through modern telecommunications, global positioning, and Earth observation.
Johannes Willbold +5 more
semanticscholar +1 more source
A First Look into Software Security Practices in Bangladesh
ACM J. Comput. Sustain. Soc., 2023 Software security practices are critical in minimizing vulnerabilities and protecting unauthorized access to the code and the system. However, software security practices outside Western countries need to be better understood. This need for understanding
Ankit Shrestha +4 more
semanticscholar +1 more source
Structuring a Comprehensive Software Security Course Around the OWASP Application Security Verification Standard [PDF]
2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering Education and Training (ICSE-SEET), 2021 Lack of security expertise among software practitioners is a problem with many implications. First, there is a deficit of security professionals to meet current needs.
Sarah Elder +5 more
semanticscholar +1 more source