Software Security and Assurance

A special issue of Computers (ISSN 2073-431X).

Deadline for manuscript submissions: closed (31 December 2018) | Viewed by 5884

Special Issue Editors

Division of Business, Engineering, and Information Sciences and Technology (IST), Pennsylvania State University (Altoona College), Altoona, PA 16601, USA
Interests: software engineering; software security; cyber security
Institute of IT Security Research St. Pölten, University of Applied Sciences, 3100 St. Pölten, Austria
Interests: artificial intelligence; trustworthy AI; high risk AI; information security; cyber resilience; information security risk analysis
Special Issues, Collections and Topics in MDPI journals
Cheongju University, Cheongju, South Korea
Interests: cyber security; security education and training; privacy-enhancing technologies
Special Issues, Collections and Topics in MDPI journals
Department of Information Security, College of Information Media, Seoul Women's University, Seoul 01797, Korea
Interests: simulation modeling methodology; knowledge-based simulation; information security and survivability of information infrastructure

Special Issue Information

Dear Colleagues,

Software security is gaining increasingly more attention from the computer security community.

Although many attempts have been made to improve software security over the years, traditional software security research has relied on tools and techniques focusing on testing (e.g., static analysis). We believe that the scope of software security and assurance is much wider than these limited research areas.

International Conference on Software Security and Assurance (ICSSA) provides a chance for academic and industry professionals to discuss recent progress in the area of software security and assurance and explore various facets of software security and assurance, which have not been thoroughly studied yet.

Selected papers presented at the ICSSA 2018 are invited to submit their extended versions to this Special Issue of the journal Computers. All submitted papers will undergo our standard peer-review procedure. Accepted papers will be published in open access format in Computers and collected together on the Special Issue website.

Conference papers should be cited and noted on the first page of the paper; authors are asked to disclose that it is a conference paper in their cover letter and include a statement on what has been changed compared to the original conference paper; Please note that the submitted extended paper should contain at least 50% new content (e.g., in the form of technical extensions, more in-depth evaluations, or additional use cases...) and not exceed 30% copy/paste from conference paper.

Please prepare and format your paper according to the Instructions for Authors. Use the LaTeX or Microsoft Word template file of the journal (both are available from the Instructions for Authors page). Manuscripts should be submitted online via our susy.mdpi.com editorial system.

Prof. Dr. Jungwoo Ryoo
Prof. Dr. Simon Tjoa
Dr. Hae Young Lee
Dr. Hyoungshick Kim
Prof. Dr. Hyungjong Kim
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Computers is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • software security
  • secure software design and architecture
  • secure software practices
  • security requirements engineering
  • security analysis tools and methods
  • security evaluation criteria and methodology
  • security education and training
  • usability of secure and security software

Published Papers (1 paper)

Order results
Result details
Select all
Export citation of selected articles as:

Research

19 pages, 584 KiB  
Article
An Empirical Study on Security Knowledge Sharing and Learning in Open Source Software Communities
by Shao-Fang Wen
Computers 2018, 7(4), 49; https://doi.org/10.3390/computers7040049 - 01 Oct 2018
Cited by 4 | Viewed by 5266
Abstract
Open source software (OSS) security has been the focus of the security community and practitioners over the past decades. However, the number of new vulnerabilities keeps increasing in today’s OSS systems. With today’s increasingly important and complex OSS, lacking software security knowledge to [...] Read more.
Open source software (OSS) security has been the focus of the security community and practitioners over the past decades. However, the number of new vulnerabilities keeps increasing in today’s OSS systems. With today’s increasingly important and complex OSS, lacking software security knowledge to handle security vulnerabilities in OSS development will result in more breaches that are serious in the future. Learning software security is a difficult and challenging task since the domain is quite context specific and the real project situation is necessary to apply the security concepts within the specific system. Many OSS proponents believe that the OSS community offers significant learning opportunities from its best practices. However, studies that specifically explore security knowledge sharing and learning in OSS communities are scarce. This research is intended to fill this gap by empirically investigating factors that affect knowledge sharing and learning about software security and the relationship among them. A conceptual model is proposed that helps to conceptualize the linkage between socio-technical practices and software security learning processes in OSS communities. A questionnaire and statistical analytical techniques were employed to test hypothesized relationships in the model to gain a better understanding of this research topic. Full article
(This article belongs to the Special Issue Software Security and Assurance)
Show Figures

Figure 1

Back to TopTop