2023
Automatic extraction of security-rich dataflow diagrams for microservice applications written in Java
Schneider, Simon; Scandariato, Riccardo
Journal of Systems and Software 202: 111722 (2023-08)
Simple stupid insecure practices and GitHub's code search: A looming threat?
Go, Ken Russel; Soundarapandian, Sruthi; Mitra, Aparupa; Vidoni, Melina; Díaz Ferreyra, Nicolás
Journal of Systems and Software 202: 111698 (2023-08)
Developers Need Protection, Too: Perspectives and Research Challenges for Privacy in Social Coding Platforms
Díaz Ferreyra, Nicolás; Imine, Abdessamad; Vidoni, Melina; Scandariato, Riccardo
16th IEEE/ACM International Conference on Cooperative and Human Aspects of Software Engineering (CHASE 2023)
Regret, Delete, (Do Not) Repeat: An Analysis of Self-Cleaning Practices on Twitter After the Outbreak of the COVID-19 Pandemic
Díaz Ferreyra, Nicolás; Shahi, Gautam Kishore; Tony, Catherine; Stieglitz, Stefan; Scandariato, Riccardo
Conference on Human Factors in Computing Systems - Proceedings: 246 1-7 (2023-03-19)
CASCADE: An Asset-driven Approach to Build Security Assurance Cases for Automotive Systems
Mohamad, Mazen; Jolak, Rodi; Askerdal, Örjan; Steghöfer, Jan-Philipp; Scandariato, Riccardo
ACM Transactions on Cyber-Physical Systems 7 (1): 3 (2023-02-20)
Microservice Security Metrics for Secure Communication, Identity Management, and Observability
Zdun, Uwe; Queval, Pierre-Jean; Simhandl, Georg; Scandariato, Riccardo; Chakravarty, Somik; Jelić, Marjan; Jovanovic, Aleksandar
ACM Transactions on Software Engineering and Methodology 32 (1): 3532183 (2023-02-13)
Detection strategies for microservice security tactics
Zdun, Uwe; Queval, Pierre-Jean; Simhandl, Georg; Scandariato, Riccardo; Chakravarty, Somik; Jelić, Marjan; Jovanovic, Aleksandar
IEEE Transactions on Dependable and Secure Computing (in press) (2023)
LLMSecEval: a dataset of natural language prompts for security evaluations
Tony, Catherine; Mutas, Markus; Ferreyra, Nicolas E. Diaz; Scandariato, Riccardo
Proceedings - 2023 IEEE/ACM 20th International Conference on Mining Software Repositories, MSR 2023
microSecEnD: A dataset of security-enriched dataflow diagrams for microservice applications
Schneider, Simon; Ozen, Tufan; Chen, Michael; Scandariato, Riccardo
Proceedings - 2023 IEEE/ACM 20th International Conference on Mining Software Repositories (MSR 2023)
2022
GitHub Considered Harmful? Analyzing Open-Source Projects for the Automatic Generation of Cryptographic API Call Sequences
Tony, Catherine; Díaz Ferreyra, Nicolás; Scandariato, Riccardo
22nd IEEE International Conference on Software Quality, Reliability and Security (QRS 2022)
Identifying security-related requirements in regulatory documents based on cross-project classification
Mohamad, Mazen; Steghöfer, Jan-Philipp; Åström, Alexander; Scandariato, Riccardo
18th ACM International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE 2022)
ENAGRAM: an app to evaluate preventative nudges for Instagram
Díaz Ferreyra, Nicolás; Ostendorf, Sina; Aïmeur, Esma; Heisel, Maritta; Brand, Matthias
2nd European Symposium on Usable Security (EuroUSEC 2022)
Precise Analysis of Purpose Limitation in Data Flow Diagrams
Alshareef, Hanaa; Tuma, Katja; Stucki, Sandro; Schneider, Gerardo; Scandariato, Riccardo
17th International Conference on Availability, Reliability and Security (ARES 2022)
RIPOSTE: A Collaborative Cyber Attack Response Framework for Automotive Systems
Jolak, Rodi; Rosenstatter, Thomas; Aldaghistani, Saif; Scandariato, Riccardo
48th Euromicro Conference on Software Engineering and Advanced Applications (SEAA 2022)
STRIPED: A Threat Analysis Method for IoT Systems
Srikumar, Kamakshi; Kashish, Komal; Eggers, Kolja; Díaz Ferreyra, Nicolás; Koch, Julian; Schüppstuhl, Thorsten; Scandariato, Riccardo
17th International Conference on Availability, Reliability and Security (ARES 2022)
SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices
Billawa, Priyanka; Bambhore Tukaram, Anusha; Díaz Ferreyra, Nicolás; Steghöfer, Jan-Philipp; Scandariato, Riccardo; Simhandl, Georg
17th International Conference on Availability, Reliability and Security (ARES 2022)
Towards a Security Benchmark for the Architectural Design of Microservice Applications
Bambhore Tukaram, Anusha; Schneider, Simon; Díaz Ferreyra, Nicolás; Simhandl, Georg; Zdun, Uwe; Scandariato, Riccardo
17th International Conference on Availability, Reliability and Security (ARES 2022)
Maestro: A platform for benchmarking automatic program repair tools on software vulnerabilities
Pinconschi, Eduard; Bui, Quang Cuong; Abreu, Rui; Adão, Pedro; Scandariato, Riccardo
31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2022)
Conversational DevBots for Secure Programming: An Empirical Study on SKF Chatbot
Tony, Catherine; Balasubramanian, Mohana; Díaz Ferreyra, Nicolás; Scandariato, Riccardo
26th ACM International Conference on Evaluation and Assessment in Software Engineering (EASE 2022)
Community detection for access-control decisions: analysing the role of homophily and information diffusion in online social networks
Díaz Ferreyra, Nicolás; Hecking, Tobias; Aïmeur, Esma; Heisel, Maritta; Hoppe, Heinz Ulrich
Online Social Networks and Media 29: 100203 (2022-05)
Open Access
Vul4J: A Dataset of Reproducible Java Vulnerabilities Geared Towards the Study of Program Repair Techniques
Bui, Quang Cuong; Scandariato, Riccardo; Díaz Ferreyra, Nicolás
Mining Software Repositories Conference (MSR 2022)
CONSERVE: A framework for the selection of techniques for monitoring containers security
Jolak, Rodi; Rosenstatter, Thomas; Mohamad, Mazen; Strandberg, Kim; Sangchoolie, Behrooz; Nowdehi, Nasser; Scandariato, Riccardo
Journal of Systems and Software 186: 111158 (2022-04)
Open Access
Checking security compliance between models and code
Tuma, Katja; Peldszus, Sven; Strüber, Daniel; Scandariato, Riccardo; Jürjens, Jan
Software and Systems Modeling 22 (1): 273-296 (2023-02)
Open Access
2021
Finding security threats that matter: Two industrial case studies
Tuma, Katja; Sandberg, Christian; Thorsson, Urban; Widman, Mathias; Herpel, Thomas; Scandariato, Riccardo
Journal of Systems and Software 179: 111003 (2021-09)
Asset-driven Security Assurance Cases with Built-in Quality Assurance
Mohamad, Mazen; Askerdal, Örjan; Jolak, Rodi; Steghöfer, Jan-Philipp; Scandariato, Riccardo
IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS 2021)
Security assurance cases - state of the art of an emerging approach
Mohamad, Mazen; Steghöfer, Jan-Philipp; Scandariato, Riccardo
Empirical Software Engineering 26 (4): 70 (2021-07-01)
Open Access
Secure Software Development in the Era of Fluid Multi-party Open Software and Services
Pashchenko, Ivan; Scandariato, Riccardo; Sabetta, Antonino; Massacci, Fabio
ACM/IEEE International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER 2021)