Patrick Morrison

Works (10)

Updated: July 21st, 2025 14:37

2025 article

Research Directions in Software Supply Chain Security

Williams, L., Benedetti, G., Hamer, S., Paramitha, R., Rahman, I., Tamanna, M., … Enck, W. (2025, January 27). ACM Transactions on Software Engineering and Methodology, Vol. 34.

By: L. Williams n, G. Benedetti*, S. Hamer n, R. Paramitha*, I. Rahman n, M. Tamanna n, G. Tystahl n, N. Zahan n ...

author keywords: Software security; Software supply chain security; Open source security
topics (OpenAlex): Information and Cyber Security; Advanced Malware Detection Techniques; Software Engineering Research
Sources: Web Of Science, ORCID, NC State University Libraries
Added: January 27, 2025

2021 article

An improved text classification modelling approach to identify security messages in heterogeneous projects

Oyetoyan, T. D., & Morrison, P. (2021, May 27). Software Quality Journal.

By: T. Oyetoyan* & P. Morrison n

author keywords: Security; Classification model; Text classification; Software repository; Machine learning
topics (OpenAlex): Software Engineering Research; Information and Cyber Security; Software Reliability and Analysis Research
TL;DR: Using harvested security keywords as features to train a text classification model improve classification models and generalise to other projects significantly, and introduces new and promising approaches to construct models that can generalise across different independent projects. (via Semantic Scholar)
Source: Web Of Science
Added: June 14, 2021

2018 article

Are vulnerabilities discovered and resolved like other defects?

Morrison, P. J., Pandita, R., Xiao, X., Chillarege, R., & Williams, L. (2018, May 27).

By: P. Morrison n, R. Pandita*, X. Xiao*, R. Chillarege* & L. Williams n

topics (OpenAlex): Software Engineering Research; Software Engineering Techniques and Practices; Software Reliability and Analysis Research
Source: Web Of Science
Added: January 21, 2019

2018 article

Identifying security issues in software development

Morrison, P., Oyetoyan, T. D., & Williams, L. (2018, May 27).

By: P. Morrison n, T. Oyetoyan* & L. Williams n

author keywords: Security; vocabulary; classification model; CVE; Prediction
topics (OpenAlex): Software Engineering Research; Software Reliability and Analysis Research; Web Application Security Vulnerabilities
TL;DR: The goal of this research is to support researchers and practitioners in identifying security issues in software development project artifacts by defining and evaluating a systematic scheme for identifying project-specific security vocabularies that can be used for keyword-based classification. (via Semantic Scholar)
Source: Web Of Science
Added: December 3, 2018

2018 article

Mapping the field of software life cycle security metrics

Morrison, P., Moye, D., Pandita, R., & Williams, L. (2018, May 30). Information and Software Technology.

By: P. Morrison n, D. Moye n, R. Pandita n & L. Williams n

author keywords: Metrics; Measurement; Security
topics (OpenAlex): Information and Cyber Security; Software Engineering Research; Software Reliability and Analysis Research
TL;DR: The field of software life cycle security metrics has yet to converge on an accepted set of metrics, and the most-cited and most used metric, vulnerability count, has multiple definitions and operationalizations. (via Semantic Scholar)
Source: Web Of Science
Added: October 19, 2018

2018 article

What questions do programmers ask about configuration as code?

Rahman, A., Partho, A., Morrison, P., & Williams, L. (2018, May 29).

By: A. Rahman n, A. Partho, P. Morrison n & L. Williams n

author keywords: challenge; configuration as code; continuous deployment; devops; infrastructure as code; programming; puppet; question; stack over-flow
topics (OpenAlex): Software Engineering Research; Software Engineering Techniques and Practices; Software System Performance and Reliability
TL;DR: This paper extracts 2,758 Puppet-related questions asked by programmers from January 2010 to December 2016, posted on Stack Overflow, and applies qualitative analysis to identify the questions programmers ask about Puppet. (via Semantic Scholar)
Source: Web Of Science
Added: January 21, 2019

2016 article proceedings

Veteran developers' contributions and motivations: An open source perspective

By: P. Morrison n, R. Pandita n, E. Murphy-Hill n & A. McLaughlin n

topics (OpenAlex): Open Source Software Innovations; Knowledge Management and Sharing; Mobile Crowdsensing and Crowdsourcing
TL;DR: The results suggest that veterans' are less motivated by social interactions than their younger peers, and could contribute a broader knowledge of software development than their young peers, as well as knowledge of old technologies that can be applied to newer technologies. (via Semantic Scholar)
Sources: NC State University Libraries, NC State University Libraries, Crossref
Added: August 6, 2018

2015 article

A Security Practices Evaluation Framework

Morrison, P. (2015, May 1). 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

By: P. Morrison n

author keywords: Security; Quality; Measurement Frameworks; Software Development Lifecycle
topics (OpenAlex): Software Engineering Research; Software Reliability and Analysis Research; Software Engineering Techniques and Practices
TL;DR: The Security Practices Evaluation Framework (SP-EF) is defined, a measurement framework for software development security practices that supports evidence-based practice selection and is evaluated on historical data and industrial projects. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018

2013 article

Proposing Regulatory-Driven Automated Test Suites

Morrison, P., Holmgreen, C., Massey, A., & Williams, L. (2013, August 1).

By: P. Morrison n, C. Holmgreen n, A. Massey n & L. Williams n

author keywords: Behavior-Driven-Development; Healthcare IT; Regulatory Compliance; Security; Software Engineering; Software Testing
topics (OpenAlex): Software Engineering Techniques and Practices; Advanced Software Engineering Methodologies; Business Process Modeling and Analysis
TL;DR: This research found that it was possible to create scenarios and system-specific code supporting scenario execution on three systems, that iTrust can be shown to be noncompliant, and that emergency access procedures are not defined clearly enough by the regulation to determine compliance or non-compliance. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018

2013 article

Proposing regulatory-driven automated test suites for electronic health record systems

Morrison, P., Holmgreen, C., Massey, A., & Williams, L. (2013, May 1).

By: P. Morrison n, C. Holmgreen n, A. Massey n & L. Williams n

topics (OpenAlex): Information and Cyber Security; Advanced Software Engineering Methodologies; Software Engineering Research
TL;DR: The use of Behavior-Driven-Development scenarios are proposed as the basis of an automated compliance test suite for standards such as regulation and interoperability and could become a shared asset for use by all systems subject to these regulations and standards. (via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018

Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.

Certain data included herein are derived from the Web of Science© and InCites© (2026) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.