Forschungsbericht 2024

Software Security E-22

Leitung: Scandariato, Riccardo

Institut auf TORE
Institutswebsite

Publikationen

• On the understandability of design-level security practices in infrastructure-as-code scripts and deployment architectures - Journal Article
  Ntentos, Evangelos; Hörner, Nicole; Simhandl, Georg; Zdun, Uwe; Schneider, Simon Malte; Scandariato, Riccardo; Díaz Ferreyra, Nicolás
  ACM Transactions on Software Engineering and Methodology 34 (1): 6 (2024)
  Open Access | Publisher DOI
  
  
• MADE-WIC: Multiple Annotated Datasets for Exploring Weaknesses In Code - Conference Paper
  Mock, Moritz; Melegati, Jorge; Kretschmann, Max; Díaz Ferreyra, Nicolás; Russo, Barbara
  39th ACM/IEEE International Conference on Automated Software Engineering, ASE 2024
  Open Access | Publisher DOI
  
  
• Designing secure AI-based systems: a multi-vocal literature review - Conference Paper
  Schneider, Simon Malte; Saha, Ananya; Mezzi, Emanuele; Tuma, Katja; Scandariato, Riccardo
  IEEE Secure Development Conference, SecDev 2024
  Publisher DOI
  
  
• Managing security evidence in safety-critical organizations - Journal Article
  Mohamad, Mazen; Steghöfer, Jan-Philipp; Knauss, Eric; Scandariato, Riccardo
  Journal of Systems and Software 214: 112082 (2024)
  Open Access | Publisher DOI
  
  
• Detection strategies for microservice security tactics - Journal Article
  Zdun, Uwe; Queval, Pierre-Jean; Simhandl, Georg; Scandariato, Riccardo; Chakravarty, Somik; Jelić, Marjan; Jovanovic, Aleksandar
  IEEE Transactions on Dependable and Secure Computing 21 (3): 1257-1273 (2024)
  Open Access | Publisher DOI
  
  
• APR4Vul: an empirical study of automatic program repair techniques on real-world Java vulnerabilities - Journal Article
  Bui, Quang Cuong; Paramitha, Ranindya; Vu, Duc-Ly; Massacci, Fabio; Scandariato, Riccardo
  Empirical Software Engineering 29 (1): 18 (2024)
  Open Access | Publisher DOI
  
  
• What can self-admitted technical debt tell us about security? A mixed-methods study - Conference Paper
  Díaz Ferreyra, Nicolás; Shahin, Mojtaba; Zahedi, Mansooreh; Quadri, Sodiq; Scandariato, Riccardo
  IEEE/ACM 21st International Conference on Mining Software Repositories, MSR 2024
  Publisher DOI
  
  
• CATMA: Conformance Analysis Tool for Microservice Applications - Conference Paper
  Cao, Clinton; Schneider, Simon; Díaz Ferreyra, Nicolás; Verwer, Sicco; Panichella, Annibale; Scandariato, Riccardo
  2024 IEEE/ACM 46th International Conference on Software Engineering, ICSE 2024
  Open Access | Publisher DOI
  
  
• How dataflow diagrams impact software security analysis : an empirical experiment - Conference Paper
  Schneider, Simon Malte; Díaz Ferreyra, Nicolás; Queval, Pierre-Jean; Simhandl, Georg; Zdun, Uwe; Scandariato, Riccardo
  31st IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER 2024
  Publisher DOI
  
  

Forschungsdaten

• Published version of the SSATD Dataset - Dataset
  Díaz Ferreyra, Nicolás; Quadri, Sodiq; Shahin, Mojtaba; Zahedi, Mansooreh; Scandariato, Riccardo
  Publisher DOI
  
  

Projekte

• Sec4AI4Sec - Cybersecurity for AI-Augmented Systems
  European Commission; Laufzeit 2023-2026
  Projektleitung: Scandariato, Riccardo