A Screening Test for Disclosed Vulnerabilities in FOSS Components
- Submitting institution
- The University of Sheffield
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 2453
- Type
- D - Journal article
- DOI
- 10.1109/TSE.2018.2816033
- Title of journal
- IEEE Transactions on Software Engineering
- Article number
- -
- First page
- 945
- Volume
- 45
- Issue
- 10
- ISSN
- 0098-5589
- Open access status
- Compliant
- Month of publication
- March
- Year of publication
- 2018
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
- 2
- Research group(s)
- I - Verification
- Citation count
- 1
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper presents a pioneering approach to rapidly identify the vulnerabilities in Open Source components. It contains both novel algorithmic and empirical aspects and is published in a Q1 software engineering journal. It has far-reaching socio-economic impact, enabling software vendors to develop more cost-effective strategies to mitigate vulnerabilities. The methodology is used by SAP SE (implemented by the author) and is incorporated in the US Patent Application US 14/965449.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -