DocumentCode :
638290
Title :
Peer Code Review to Prevent Security Vulnerabilities: An Empirical Evaluation
Author :
Bosu, Amiangshu ; Carver, Jeffrey C.
Author_Institution :
Univ. of Alabama, Tuscaloosa, AL, USA
fYear :
2013
fDate :
18-20 June 2013
Firstpage :
229
Lastpage :
230
Abstract :
Peer code review, as an effective quality improvement practice, has also been considered important for reducing security vulnerabilities. There is a lack of empirical evidence to quantify and support this claim. Therefore, we propose a research plan to analyze mature open source projects to gather empirical evidence regarding the relationship between peer code review and security vulnerabilities. As a proof-of-concept, we analyzed the Chromium OS project and found that reviewers identified potential vulnerabilities in 32 review requests.
Keywords :
operating systems (computers); security of data; Chromium OS project; empirical evaluation; mature open source projects; peer code review; quality improvement practice; security vulnerabilities prevention; Communities; Computer bugs; Databases; Forgery; Inspection; Security; Software; code review; open source; security defects; vulnerability;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4799-2924-5
Type :
conf
DOI :
10.1109/SERE-C.2013.22
Filename :
6616350