Addressing problems with replicability and validity of repository mining studies through a smart data platform
F Trautsch, S Herbold, P Makedonski… - Empirical Software …, 2018 - Springer
The usage of empirical methods has grown common in software engineering. This trend
spawned hundreds of publications, whose results are helping to understand and improve …
spawned hundreds of publications, whose results are helping to understand and improve …
Call graph construction for java libraries
Today, every application uses software libraries. Yet, while a lot of research exists wrt
analyzing applications, research that targets the analysis of libraries independent of any …
analyzing applications, research that targets the analysis of libraries independent of any …
Static data-flow analysis for software product lines in C: Revoking the preprocessor's special role
Many critical codebases are written in C, and most of them use preprocessor directives to
encode variability, effectively encoding software product lines. These preprocessor …
encode variability, effectively encoding software product lines. These preprocessor …
Lossless, persisted summarization of static callgraph, points-to and data-flow analysis
PD Schubert, B Hermann… - 35th European Conference …, 2021 - drops.dagstuhl.de
Static analysis is used to automatically detect bugs and security breaches, and aids compiler
optimization. Whole-program analysis (WPA) can yield high precision, however causes long …
optimization. Whole-program analysis (WPA) can yield high precision, however causes long …
A Server‐Side JavaScript Security Architecture for Secure Integration of Third‐Party Libraries
N Van Ginkel, W De Groef, F Massacci… - Security and …, 2019 - Wiley Online Library
The popularity of the JavaScript programming language for server‐side programming has
increased tremendously over the past decade. The Node. js framework is a popular …
increased tremendously over the past decade. The Node. js framework is a popular …
Hermes: assessment and creation of effective test corpora
An integral part of developing a new analysis is to validate the correctness of its
implementation and to demonstrate its usefulness when applied to real-world code. As a …
implementation and to demonstrate its usefulness when applied to real-world code. As a …
Capabilities for Java: Secure access to resources
This paper explores adding capabilities to Java with the objective of tightening security
management for access to resources both within the Java Class Library and Java …
management for access to resources both within the Java Class Library and Java …
[PDF][PDF] Full-stack static security analysis for the java platform
B Hermann - 2016 - core.ac.uk
I did not decide right away that in my career as a computer scientist pursuing a doctorate
would be something I would invest time into. After my diploma thesis I wanted to venture out …
would be something I would invest time into. After my diploma thesis I wanted to venture out …
[引用][C] Scaling Static Whole-Program Analysis to Modern C and C++ Software Development
PD Schubert - 2024 - Paderborn University