Works (19)
Updated: April 4th, 2024 09:09
2021 conference paper
Combining Theory and Practice in Data Structures & Algorithms Course Projects: An Experience Report
Proceedings of the 52nd ACM Technical Symposium on Computer Science Education, 959–965.
Event: at New York, NY, USA
TL;DR:
The objective of the redesigned CS2 course project is to connect computer science theory with software development practice by incorporating algorithm design and analysis, data structure selection, and experimental analysis as part of the software development lifecycle.
(via Semantic Scholar)
dl.acm.org (publisher PDF)
Source: ORCID
Added: March 18, 2021
2020 article
Integrating Testing Throughout the CS Curriculum
2020 IEEE 13TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW), pp. 441–444.
author keywords: testing; CS1; CS2
TL;DR:
This paper discusses how software testing is taught in CS1 – Introductory Programming, CS2 – Software Development Fundamentals, and several other courses beyond CS2 and discusses lessons learned and open concerns for future research.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries
Added: March 8, 2021
2018 article
Developing Software Engineering Skills using Real Tools for Automated Grading
SIGCSE'18: PROCEEDINGS OF THE 49TH ACM TECHNICAL SYMPOSIUM ON COMPUTER SCIENCE EDUCATION, pp. 794–799.
Event: at New York, NY, USA
author keywords: Automated grading; continuous integration; version control; software engineering best practice
TL;DR:
The Canary Framework for supporting software engineering practices through the use of Eclipse for development; GitHub for submission and collaboration; and Jenkins for continuous integration and automated grading is presented.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: September 16, 2019
2017 journal article
Identifying the implied: Findings from three differentiated replications on the use of security requirements templates
EMPIRICAL SOFTWARE ENGINEERING, 22(4), 2127–2178.
author keywords: Security requirements; Controlled experiment; Replication; Requirements engineering; Templates; Patterns; Automation
TL;DR:
Qualitative findings indicate that participants may be able to differentiate between relevant and extraneous templates suggestions and be more inclined to fill in the templates with additional support, supporting the findings of the original study.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 6, 2018
2017 journal article
To log, or not to log: using heuristics to identify mandatory log events - a controlled experiment
EMPIRICAL SOFTWARE ENGINEERING, 22(5), 2684–2717.
author keywords: Logging; User activity logs; Security; Controlled experiment; User study; Mandatory log events
TL;DR:
The results indicate additional training and enforcement may be necessary to ensure subjects understand and consistently apply the assigned methods for identifying MLEs, as well as support security analysts in performing forensic analysis by evaluating the use of a heuristics-driven method for identifying mandatory log events.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 6, 2018
2016 conference paper
Establishing a Baseline for Measuring Advancement in the Science of Security: An Analysis of the 2015 IEEE Security & Privacy Proceedings
Proceedings of the Symposium and Bootcamp on the Science of Security, 38–51.
Event: at New York, NY, USA
author keywords: Science of Security; Literature Review
TL;DR:
The findings showed that while papers are generally easy to read, they often do not explicitly document some key information like the research objectives, the process for choosing the cases to include in the studies, and the threats to validity.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2016 conference paper
Teaching Software Engineering Skills in CS1.5: Incorporating Real-world Practices and Tools (Abstract Only)
Proceedings of the 47th ACM Technical Symposium on Computing Science Education, 696–697.
Event: at New York, NY, USA
TL;DR:
The goal of the research is to improve student learning, engagement in the course and profession, and retention through the use of software engineering practices and tools that introduce students to the software engineering profession.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2015 conference paper
Automating Software Engineering Best Practices Using an Open Source Continuous Integration Framework (Abstract Only)
Proceedings of the 46th ACM Technical Symposium on Computer Science Education, 677–677.
Event: at New York, NY, USA
TL;DR:
The objective is to improve software engineering courses by incorporating best practices for automated software engineering and facilitating rapid feedback for students using an open source continuous integration framework for evaluating student software development.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure
(OpenAlex)
Source: ORCID
Added: March 17, 2021
2015 conference paper
Enabling Forensics by Proposing Heuristics to Identify Mandatory Log Events
Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, 6:1–6:11.
Event: at New York, NY, USA
TL;DR:
This study systematically extracts each verb and object being acted upon from natural language software artifacts for three open-source software systems and develops 12 heuristics to help determine whether a verb-object pair describes an action that must be logged.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2015 report
Security Literature Review Paper Analysis Rubric
Technical Report #SERG-2015-01.
Source: ORCID
Added: March 17, 2021
2014 conference paper
Hidden in plain sight: Automatically identifying security requirements from natural language artifacts
2014 ieee 22nd international requirements engineering conference (re), 183–192.
TL;DR:
A tool-assisted process that automatically identifies security-relevant sentences in natural language requirements artifacts and classifies them according to the security objectives, either explicitly stated or implied by the sentences.
(via Semantic Scholar)
Sources: NC State University Libraries, NC State University Libraries, ORCID
Added: August 6, 2018
2014 conference paper
Log Your CRUD: Design Principles for Software Logging Mechanisms
Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 5:1–5:10.
Event: at New York, NY, USA
TL;DR:
It is found that viewing protected data is often not logged by default, allowing unauthorized views of data to go undetected, and a set of principles are proposed that developers should consider when developing logging mechanisms to ensure the ability to capture adequate traces of user activity.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2014 conference paper
Using Templates to Elicit Implied Security Requirements from Functional Requirements - a Controlled Experiment
Proceedings of the 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 22:1–22:10.
Event: at New York, NY, USA
TL;DR:
It is found that participants need more incentive than just a participatory grade when completing the task, and to ensure task completeness, participants either need a step-driven approach or progress indicators to identify remaining work.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2013 conference paper
Cataloging and Comparing Logging Mechanism Specifications for Electronic Health Record Systems
Proceedings of the 2013 USENIX Conference on Safety, Security, Privacy and Interoperability of Health Information Technologies, 4–4. http://dl.acm.org/citation.cfm?id=2696523.2696527
Event: at Berkeley, CA, USA
Source: ORCID
Added: March 17, 2021
2013 conference paper
Measuring the Forensic-ability of Audit Logs for Nonrepudiation
Proceedings of the 2013 International Conference on Software Engineering, 1419–1422. http://dl.acm.org/citation.cfm?id=2486788.2487022
Event: at Piscataway, NJ, USA
Sources: NC State University Libraries, ORCID
Added: August 6, 2018
2012 journal article
Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse
3(2), 23–42.
Event: at Hershey, PA, USA
TL;DR:
The authors analyzed the audit mechanisms of two open source EHR systems, OpenEMR and Tolven eCHR, and one proprietary EHR system and found a noteworthy lack of easily accessible and readable auditing for non-repudiation in each of the three E HR systems.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2012 conference paper
Modifying Without a Trace: General Audit Guidelines Are Inadequate for Open-source Electronic Health Record Audit Mechanisms
Proceedings of the 2Nd ACM SIGHIT International Health Informatics Symposium, 305–314.
Event: at New York, NY, USA
TL;DR:
EHR system developers should focus on specific auditable events for managing protected health information instead of general events derived from guidelines, which may explain the inadequacy of auditing for non-repudiation.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
2012 conference paper
Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry
Presented as part of the 3rd USENIX Workshop on Health Security and Privacy. Presented at the Bellevue, WA. https://www.usenix.org/conference/healthsec12/workshop-program/presentation/King
Event: at Bellevue, WA
Source: ORCID
Added: March 17, 2021
2010 conference paper
Challenges for Protecting the Privacy of Health Information: Required Certification Can Leave Common Vulnerabilities Undetected
Proceedings of the Second Annual Workshop on Security and Privacy in Medical and Home-care Systems, 1–12.
Event: at New York, NY, USA
TL;DR:
An enhanced set of security test scripts should be used as entry criteria to the EHR certification process so that certification bodies have confidence that the software system meets a basic level of security competence.
(via Semantic Scholar)
Source: ORCID
Added: March 17, 2021
Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.
Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.
