Automating Vulnerability Management in the Software Development Lifecycle

Cited by: 0
Authors
Franca, Horacio L. [1]
Teixeira, Cesar [1]
Laranjeiro, Nuno [1]
Affiliation
[1] Univ Coimbra, CISUC, DEI, Coimbra, Portugal
Keywords
issue report; vulnerabilities; security; software development; machine learning;
DOI
10.1109/DSN-S58398.2023.00051
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
Managing the presence of vulnerabilities in software can be a time- and resource-consuming process. The advancements in machine learning (ML) over the past few years have allowed us to automate parts of the software development lifecycle, including the identification of vulnerabilities starting from bug reports. However, such approaches have known gaps generally related to subpar effectiveness. In this PhD, we intend to propose a vulnerability management framework aiming at four main objectives: i) highly effective vulnerability identification starting from bug reports; ii) detailed vulnerability classification; iii) prediction of main aspects related to the correction (e.g., defect triage); and iv) recommending corrections based on the detailed knowledge obtained in the previous phases.
Pages: 188 - 190
Number of pages: 3