Evaluating Complexity, Code Churn, and Developer Activity as Indicators of Software Vulnerabilities

Keywords: evaluating, complexity, code churn, developer activity, software vulnerabilities

Developer activity did not support the predictability hypothesis for Red Hat
But it still showed that developer activity did have an effect on vulnerability
No evidence that one category of metrics is better than the other
In most cases, the 70% vulnerability for 30% inspection was true

Document type
Case Study
File: Evaluating Complexity.pptx; MIME type: application/vnd.openxmlformats-officedocument.presentationml.presentation; Size: 1.07 MB; Language: English

Evaluate whether complexity & developer activity metrics can be used to prevent software vulnerabilities
Evaluate whether complexity, code churn, and developer activity metrics are predictive of vulnerable locations of code

Umer Ahmed