Evaluating Complexity, Code Churn, and Developer Activity as Indicators of Software Vulnerabilities


Developer activity did not support the predictability hypothesis for Red Hat
But it still showed that developer activity did have an effect on vulnerability
No evidence that one category of metrics is better than the other
In most cases, the 70% vulnerability for 30% inspection was true

Metadata
Date published: UNKNOWN
Document type: Case Study
Pages: 24
File: Evaluating Complexity.pptx
MIME type: application/vnd.openxmlformats-officedocument.presentationml.presentation
Size: 1.07 MB
Language: English
Introduction

Evaluate whether complexity & developer activity metrics can be used to prevent software vulnerabilities
Evaluate whether complexity, code churn, and developer activity metrics are predictive of vulnerable locations of code

Author(s)
Umer Ahmed