Biblio

Filters: Author is Erdogmus, Hakan
2023-08-16
Reis, Sofia, Abreu, Rui, Erdogmus, Hakan, Păsăreanu, Corina.  2022.  SECOM: Towards a convention for security commit messages. 2022 IEEE/ACM 19th International Conference on Mining Software Repositories (MSR). :764–765.
One way to detect and assess software vulnerabilities is by extracting security-related information from commit messages. Automating the detection and assessment of vulnerabilities upon security commit messages is still challenging due to the lack of structured and clear messages. We created a convention, called SECOM, for security commit messages that structure and include bits of security-related information that are essential for detecting and assessing vulnerabilities for both humans and tools. The full convention and details are available here: https://tqrg.github.io/secom/.