Evaluating Complexity, Code Churn, and Developer Activity as Indicators of Software Vulnerabilities

Keywords evaluating complexity code churn developer activity software vulnerabilities

Standards groups

Developer Activity did not support predicatabilty hypothesis for Red Hat
But still showed that developer activity did have an affect on vulnerability
No evidence that one category of metrics is better than the other
In most cases, the 70% vulnerability for 30% inspection was true

Metadata

Date published

UNKNOWN

Document type

Case Study

Pages

Defines standard

Replaced/Superseded by document(s)

Cancelled by

Amended by

File	MIME type		Size (KB)	Language	Download
Evaluating Complexity.pptx	application/vnd.openxmlformats-officedocument.presentationml.presentation		1.07 MB	English	DOWNLOAD!

File attachments

Provides definitions

Cover images

Introduction

Evaluate whether complexity & developer activity metrics can be used to prevent software vulnerabilities
Evaluate whether complexity, code churn, and developer activity metrics are predictive of vulnerable locations of code

Author(s)

Umer Ahmed

Site Slogan

Evaluating Complexity, Code Churn, and Developer Activity as Indicators of Software Vulnerabilities

Australia
PO Box 2385
Ringwood North, VIC 3134, Australia
P: +61 (0) 3 9876 7345
[email protected]

USA (answers in Australia)
P: +1 888 772 5174

Brazil
P: +55 12 9 9780 3490

China 绝对不是
P: +86 188 5117 2867