Works (9)

Updated: July 5th, 2023 15:42

2021 article

An improved text classification modelling approach to identify security messages in heterogeneous projects

Oyetoyan, T. D., & Morrison, P. (2021, May 27). SOFTWARE QUALITY JOURNAL.

By: T. Oyetoyan* & P. Morrison n

author keywords: Security; Classification model; Text classification; Software repository; Machine learning
TL;DR: Using harvested security keywords as features to train a text classification model improve classification models and generalise to other projects significantly, and introduces new and promising approaches to construct models that can generalise across different independent projects. (via Semantic Scholar)
Source: Web Of Science
Added: June 14, 2021

2018 article

Are Vulnerabilities Discovered and Resolved like Other Defects?

PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE), pp. 498–498.

By: P. Morrison n, R. Pandita*, X. Xiao*, R. Chillarege* & L. Williams n

Source: Web Of Science
Added: January 21, 2019

2018 article

Identifying Security Issues in Software Development: Are Keywords Enough?

PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - COMPANION (ICSE-COMPANION, pp. 426–427.

By: P. Morrison n, T. Oyetoyan* & L. Williams n

author keywords: Security; vocabulary; classification model; CVE; Prediction
TL;DR: The goal of this research is to support researchers and practitioners in identifying security issues in software development project artifacts by defining and evaluating a systematic scheme for identifying project-specific security vocabularies that can be used for keyword-based classification. (via Semantic Scholar)
Source: Web Of Science
Added: December 3, 2018

2018 journal article

Mapping the field of software life cycle security metrics

INFORMATION AND SOFTWARE TECHNOLOGY, 102, 146–159.

By: P. Morrison n, D. Moye n, R. Pandita n & L. Williams n

author keywords: Metrics; Measurement; Security
TL;DR: The field of software life cycle security metrics has yet to converge on an accepted set of metrics, and the most-cited and most used metric, vulnerability count, has multiple definitions and operationalizations. (via Semantic Scholar)
Source: Web Of Science
Added: October 19, 2018

2018 article

What Questions Do Programmers Ask About Configuration as Code?

PROCEEDINGS 2018 IEEE/ACM 4TH INTERNATIONAL WORKSHOP ON RAPID CONTINUOUS SOFTWARE ENGINEERING (RCOSE), pp. 16–22.

By: A. Rahman n, A. Partho, P. Morrison n & L. Williams n

author keywords: challenge; configuration as code; continuous deployment; devops; infrastructure as code; programming; puppet; question; stack over-flow
TL;DR: This paper extracts 2,758 Puppet-related questions asked by programmers from January 2010 to December 2016, posted on Stack Overflow, and applies qualitative analysis to identify the questions programmers ask about Puppet. (via Semantic Scholar)
Source: Web Of Science
Added: January 21, 2019

2016 conference paper

Veteran developers' contributions and motivations: an open source perspective

2016 ieee symposium on visual languages and human-centric computing (vl/hcc), 171–179.

By: P. Morrison n, R. Pandita n, E. Murphy-Hill n & A. McLaughlin n

TL;DR: The results suggest that veterans' are less motivated by social interactions than their younger peers, and could contribute a broader knowledge of software development than their young peers, as well as knowledge of old technologies that can be applied to newer technologies. (via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018

2015 article

A Security Practices Evaluation Framework

2015 IEEE/ACM 37TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, VOL 2, pp. 935–938.

By: P. Morrison n

author keywords: Security; Quality; Measurement Frameworks; Software Development Lifecycle
TL;DR: The Security Practices Evaluation Framework (SP-EF) is defined, a measurement framework for software development security practices that supports evidence-based practice selection and is evaluated on historical data and industrial projects. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018

2013 article

Proposing Regulatory-Driven Automated Test Suites

2013 AGILE CONFERENCE (AGILE), pp. 11–21.

By: P. Morrison n, C. Holmgreen n, A. Massey n & L. Williams n

author keywords: Behavior-Driven-Development; Healthcare IT; Regulatory Compliance; Security; Software Engineering; Software Testing
TL;DR: This research found that it was possible to create scenarios and system-specific code supporting scenario execution on three systems, that iTrust can be shown to be noncompliant, and that emergency access procedures are not defined clearly enough by the regulation to determine compliance or non-compliance. (via Semantic Scholar)
Source: Web Of Science
Added: August 6, 2018

2013 conference paper

Proposing regulatory-driven automated test suites for electronic health record systems

2013 5th international workshop on software engineering in health care (sehc), 46–49.

By: P. Morrison n, C. Holmgreen n, A. Massey n & L. Williams n

TL;DR: The use of Behavior-Driven-Development scenarios are proposed as the basis of an automated compliance test suite for standards such as regulation and interoperability and could become a shared asset for use by all systems subject to these regulations and standards. (via Semantic Scholar)
Source: NC State University Libraries
Added: August 6, 2018

Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.

Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.