Exploring the Relationship Between Architecture Coupling and Software Vulnerabilities
نویسندگان
چکیده
Employing software metrics, such as size and complexity, for predicting defects has been given a lot of attention over the years and proven very useful. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity), as well as architecture coupling metrics (direct, indirect, and cyclic coupling). Our case is based on the Google Chromium project, an open source project that has not been studied for this topic yet. Our findings show a strong relationship between vulnerabilities and both component level metrics and architecture coupling metrics. Unfortunately, the effects of different types of coupling are somewhat hard to distinguish. Keywords—software, architecture, complexity, coupling, vulnerabilities
منابع مشابه
A Quantitative Evaluation of Maintainability of Software Architecture Styles
Proper decisions play a crucial role in any software architecture design process. An important decision of design stage is the selection of a suitable software architecture style. Lack of investigation on the quantitative impact of architecture styles on software quality attributes is the main problem in using such styles. Consequently, the use of architecture styles in designing is based on th...
متن کاملExploring the Relationship Between Web Application Development Tools and Security
How should software engineers choose which tools to use to develop secure web applications? Different developers have different opinions regarding which language, framework, or vulnerability-finding tool tends to yield more secure software than another; some believe that there is no difference at all between such tools. This paper adds quantitative data to the discussion and debate. We use manu...
متن کاملThe Assessment of the Community Capacity on the Urban Vulnerability Based on Community Disaster Risk Management (CBDRM) (Case Study : Yousef-Abad, Tehran City)
Disaster Management and current approaches in this field in one hand only has focused to physicalvulnerabilities and in the other hand has included consequential action to reduce vulnerability and improve physicalpreparation as well as resistance institutional insignificant during the disaster. Therefore, these approaches usually haveignored the capabilities and capacities of residents to reduc...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملThe recognition of the necessity of for community-based disaster risk management to reduce the risk of vulnerability to earthquake disaster (case study: YousefAbad neighborhood of Tehran)
Disaster management and current attitudes in this area only focus on this areachr('39')s physical vulnerabilities, raising urban residentschr('39') exposure to these challenges in front of the earthquake. On the other hand, Incidental actions include reducing the vulnerability and the physical strengthening and promotion of poor organization during the disaster; they ignored the capabilities an...
متن کامل