ICSE 2020 (series) / ICSE 2020 Posters /
FOSS Dependencies and Security: A Qualitative Study on Developers' Attitudes and Experience
Tue 7 Jul 2020 09:10 - 10:00 at Poster Special Room - I301-Posters
Developers are known to keep third-party dependencies of their projects outdated even if some of them are affected by known vulnerabilities. In this study we aim to understand why they do so. For this, we conducted 25 semi-structured interviews with developers of both large and small-medium enterprises located in nine countries. All interviews were transcribed, coded, and analyzed according to applied thematic analysis. The results of the study reveal important aspects of developers’ practices that should be considered by security researchers and dependency tool developers to improve the security of the dependency management process.
Poster (Poster_ICSE-20.pdf) | 440KiB |
Tue 7 Jul
Displayed time zone: (UTC) Coordinated Universal Time
09:10 - 10:00
09:10 | 50m | Poster | Bugine: a bug report recommendation system for Android apps | ICSE 2020 Posters | Ziqiang Li (Southern University of Science and Technology), Shin Hwei Tan (Southern University of Science and Technology)
09:10 | 50m | Poster | What disconnects Practitioner Belief and Empirical Evidence? | ICSE 2020 Posters |
09:10 | 50m | Poster | FOSS Dependencies and Security: A Qualitative Study on Developers' Attitudes and Experience | ICSE 2020 Posters | Ivan Pashchenko (University of Trento), Duc Ly Vu (University of Trento), Fabio Massacci (University of Trento)
09:10 | 50m | Poster | An Exploratory Study on Improving Automated Issue Triage with Attached Screen Dumps | ICSE 2020 Posters |