
Evaluating Complexity, Code Churn, and Developer Activity as Indicators of Software Vulnerabilities

[document] Submitted on 23 May, 2019 - 15:21
Keywords evaluating complexity code churn developer activity software vulnerabilities

Developer activity did not support the predictability hypothesis for Red Hat
But it still showed that developer activity did have an effect on vulnerability
No evidence that one category of metrics is better than the other
In most cases, the 70% vulnerability for 30% inspection was true

Metadata
Date published
UNKNOWN
Document type
Case Study
Pages
24
File
Evaluating Complexity.pptx
MIME type
application/vnd.openxmlformats-officedocument.presentationml.presentation
Size
1.07 MB
Language
English
Introduction

Evaluate whether complexity & developer activity metrics can be used to prevent software vulnerabilities
Evaluate whether complexity, code churn, and developer activity metrics are predictive of vulnerable locations of code

Author(s)
Umer Ahmed