Special Issue "Software Security and Assurance"

A special issue of Computers (ISSN 2073-431X).

Deadline for manuscript submissions: closed (15 November 2018)

Special Issue Editors

Guest Editor
Prof. Jungwoo Ryoo

Division of Business, Engineering, and Information Sciences and Technology (IST), Pennsylvania State University (Altoona College), Altoona PA, USA
Interests: software engineering; software security; cyber security
Guest Editor
Prof. Dr. Simon Tjoa

Department of Computer Science and Security, St. Pölten University of Applied Sciences, Sankt Poelten, Austria
Interests: cyber security; information security auditing; risk management
Guest Editor
Dr. Hae Young Lee

DuDu IT, 96 Gamasan-ro Seoul, 08501, South Korea
Interests: cyber security; security education and training; privacy-enhancing technologies
Guest Editor
Dr. Hyoungshick Kim

Software, Sungkyunkwan University, Suwon, South Korea
Interests: security engineering; usable security; software security
Guest Editor
Prof. Hyungjong Kim

Department of Information Security, College of Information Media, Seoul Women's University, Seoul, South Korea
Interests: simulation modeling methodology; knowledge-based simulation; information security and survivability of information infrastructure

Special Issue Information

Dear Colleagues,

Software security is gaining increasing attention from the computer security community.

Although many attempts have been made to improve software security over the years, traditional software security research has relied on tools and techniques focusing on testing (e.g., static analysis). We believe that the scope of software security and assurance is much wider than these limited research areas.

The International Conference on Software Security and Assurance (ICSSA) provides a chance for academic and industry professionals to discuss recent progress in the area of software security and assurance and to explore various facets of software security and assurance that have not yet been thoroughly studied.

Authors of selected papers presented at ICSSA 2018 are invited to submit extended versions to this Special Issue of the journal Computers. All submitted papers will undergo our standard peer-review procedure. Accepted papers will be published in open access format in Computers and collected together on the Special Issue website.

Conference papers should be cited and noted on the first page of the paper; authors are asked to disclose that it is a conference paper in their cover letter and include a statement on what has been changed compared to the original conference paper. Please note that the submitted extended paper should contain at least 50% new content (e.g., in the form of technical extensions, more in-depth evaluations, or additional use cases) and not exceed 30% copy/paste from the conference paper.

Please prepare and format your paper according to the Instructions for Authors. Use the LaTeX or Microsoft Word template file of the journal (both are available from the Instructions for Authors page). Manuscripts should be submitted online via our susy.mdpi.com editorial system.

Prof. Jungwoo Ryoo
Prof. Dr. Simon Tjoa
Dr. Hae Young Lee
Dr. Hyoungshick Kim
Prof. Hyungjong Kim
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Computers is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 350 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • software security
  • secure software design and architecture
  • secure software practices
  • security requirements engineering
  • security analysis tools and methods
  • security evaluation criteria and methodology
  • security education and training
  • usability of secure and security software

Published Papers (1 paper)


Research

Open Access Article: An Empirical Study on Security Knowledge Sharing and Learning in Open Source Software Communities
Received: 19 July 2018 / Revised: 20 September 2018 / Accepted: 28 September 2018 / Published: 1 October 2018
Abstract
Open source software (OSS) security has been the focus of the security community and practitioners over the past decades. However, the number of new vulnerabilities keeps increasing in today’s OSS systems. With today’s increasingly important and complex OSS, lacking software security knowledge to handle security vulnerabilities in OSS development will result in more breaches that are serious in the future. Learning software security is a difficult and challenging task since the domain is quite context specific and the real project situation is necessary to apply the security concepts within the specific system. Many OSS proponents believe that the OSS community offers significant learning opportunities from its best practices. However, studies that specifically explore security knowledge sharing and learning in OSS communities are scarce. This research is intended to fill this gap by empirically investigating factors that affect knowledge sharing and learning about software security and the relationship among them. A conceptual model is proposed that helps to conceptualize the linkage between socio-technical practices and software security learning processes in OSS communities. A questionnaire and statistical analytical techniques were employed to test hypothesized relationships in the model to gain a better understanding of this research topic.
(This article belongs to the Special Issue Software Security and Assurance)