Technical debt as an indicator of software security risk: a machine learning approach for software development enterprises.

Bibliographic Details
Title: Technical debt as an indicator of software security risk: a machine learning approach for software development enterprises.
Authors: Siavvas, Miltiadis; Tsoukalas, Dimitrios; Jankovic, Marija; Kehagias, Dionysios; Tzovaras, Dimitrios
Source: Enterprise Information Systems; May 2022, Vol. 16 Issue 5, p1-43, 43p
Subject Terms: COMPUTER software security, COMPUTER software development, DEBT, SOFTWARE engineering, BUSINESS enterprises, SOFTWARE product line engineering, MACHINE learning
Abstract: Vulnerability prediction facilitates the development of secure software, as it enables the identification and mitigation of security risks early enough in the software development lifecycle. Although several factors have been studied for their ability to indicate software security risk, very limited attention has been given to technical debt (TD), despite its potential relevance to software security. To this end, in the present study, we investigate the ability of common TD indicators to indicate security risks in software products, both at project-level and at class-level of granularity. Our findings suggest that TD indicators may potentially act as security indicators as well. [ABSTRACT FROM AUTHOR]
Copyright of Enterprise Information Systems is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Publication Type: Academic Journal
Language: English
DOI: 10.1080/17517575.2020.1824017
ISSN (print): 17517575
Accession Number: 156729664