scholarly journals On the adoption of static analysis for software security assessment–A case study of an open-source e-government project

2021 ◽  
Vol 111 ◽  
pp. 102470
Author(s):  
Anh Nguyen-Duc ◽  
Manh Viet Do ◽  
Quan Luong Hong ◽  
Kiem Nguyen Khac ◽  
Anh Nguyen Quang
Keyword(s):  
Open Source ◽  
Static Analysis ◽  
Software Security ◽  
Security Assessment ◽  
Government Project

scholarly journals Detecting security vulnerabilities with static analysis – A case study

2021 ◽  
Keyword(s):  
Open Source ◽  
Static Analysis ◽  
Source Code ◽  
Performance Comparison ◽  
Test Suite ◽  
Study Analysis ◽  
Security Vulnerabilities ◽  
Analysis Tools ◽  
A Performance

Abstract Many security vulnerabilities can be detected by static analysis. This paper is a case study and a performance comparison of four open-source static analysis tools and plugins (PMD, SpotBugs, Find Security Bugs, and SonarQube) on Java source code. Experiments have been conducted on the widely used Juliet Test Suite with respect to six selected weaknesses from the official Top 25 list of Common Weakness Enumeration. In this study, analysis metrics have been calculated for helping Java developers decide which tools can be used when checking their programs for security vulnerabilities. It turned out that particular weaknesses are best detected with particular tools.

A Systematic Review and Catalog of Security Metric during the Secure Software Development Life Cycle

2020 ◽  
Vol 13 ◽  
Author(s):  
Sampada G.C ◽  
Tende Ivo Sake ◽  
Amrita
Keyword(s):  
Systematic Review ◽  
Life Cycle ◽  
Software Development ◽  
Software Security ◽  
Security Assessment ◽  
Security Metrics ◽  
Development Life Cycle ◽  
Development Processes ◽  
Secure Software Development ◽  
Software Development Life Cycle

Background: With the advancement in the field of software development, software poses threats and risks to customers’ data and privacy. Most of these threats are persistent because security is mostly considered as a feature or a non-functional requirement, not taken into account during the software development life cycle (SDLC). Introduction: In order to evaluate the security performance of a software system, it is necessary to integrate the security metrics during the SDLC. The appropriate security metrics adopted for each phase of SDLC aids in defining the security goals and objectives of the software as well as quantify the security in the software. Methods: This paper presents systematic review and catalog of security metrics that can be adopted during the distinguishable phases of SDLC, security metrics for vulnerability and risk assessment reported in the literature for secure development of software. The practices of these metrics enable software security experts to improve the security characteristics of the software being developed. The critical analysis of security metrics of each phase and their comparison are also discussed. Results: Security metrics obtained during the development processes help to improve the confidentiality, integrity, and availability of software. Hence, it is imperative to consider security during the development of the software, which can be done with the use of software security metrics. Conclusion: This paper reviews the various security metrics that are meditated in the copious phases during the progression of the SDLC in order to provide researchers and practitioners with substantial knowledge for adaptation and further security assessment.

Performance Comparison of Web Backend And Database: A Case Study Of Node.JS, Golang and MySQL, MongoDB

2019 ◽  
Vol 13 ◽  
Author(s):  
Faried Effendy ◽  
Taufik ◽  
Bramantyo Adhilaksono
Keyword(s):  
Response Time ◽  
Open Source ◽  
Poisson Distribution ◽  
Mobile Application ◽  
Web Applications ◽  
Performance Comparison ◽  
Memory Usage ◽  
Data Traffic ◽  
Cpu Utilization

: Substantial research has been conducted to compare web servers or to compare databases, but very limited research combines the two. Node.js and Golang (Go) are popular platforms for both web and mobile application back-ends, whereas MySQL and Go are among the best open source databases with different characters. Using MySQL and MongoDB as databases, this study aims to compare the performance of Go and Node.js as web applications back-end regarding response time, CPU utilization, and memory usage. To simulate the actual web server workload, the flow of data traffic on the server follows the Poisson distribution. The result shows that the combination of Go and MySQL is superior in CPU utilization and memory usage, while the Node.js and MySQL combination is superior in response time.

scholarly journals Vehicle Energy Consumption in Python (VencoPy): Presenting and Demonstrating an Open-Source Tool to Calculate Electric Vehicle Charging Flexibility

Energies ◽  
2021 ◽  
Vol 14 (14) ◽  
pp. 4349
Author(s):  
Niklas Wulff ◽  
Fabia Miorelli ◽  
Hans Christian Gils ◽  
Patrick Jochem
Keyword(s):  
Open Source ◽  
Electric Vehicle ◽  
Full Range ◽  
Mobility Patterns ◽  
Electric Vehicle Charging ◽  
Survey Results ◽  
Vehicle Demand ◽  
Vehicle Fleet ◽  
Electric Loads

As electric vehicle fleets grow, rising electric loads necessitate energy systems models to incorporate their respective demand and potential flexibility. Recently, a small number of tools for electric vehicle demand and flexibility modeling have been released under open source licenses. These usually sample discrete trips based on aggregate mobility statistics. However, the full range of variables of travel surveys cannot be accessed in this way and sub-national mobility patterns cannot be modeled. Therefore, a tool is proposed to estimate future electric vehicle fleet charging flexibility while being able to directly access detailed survey results. The framework is applied in a case study involving two recent German national travel surveys (from the years 2008 and 2017) to exemplify the implications of different mobility patterns of motorized individual vehicles on load shifting potential of electric vehicle fleets. The results show that different mobility patterns, have a significant impact on the resulting load flexibilites. Most obviously, an increased daily mileage results in higher electricty demand. A reduced number of trips per day, on the other hand, leads to correspondingly higher grid connectivity of the vehicle fleet. VencoPy is an open source, well-documented and maintained tool, capable of assessing electric vehicle fleet scenarios based on national travel surveys. To scrutinize the tool, a validation of the simulated charging by empirically observed electric vehicle fleet charging is advised.

PVDP: A portable open source pipeline for detection of plant viruses in RNAseq data. A case study on potato viruses in Antioquia (Colombia)

2021 ◽  
Vol 113 ◽  
pp. 101604
Author(s):  
Pablo Gutiérrez ◽  
Ary Rivillas ◽  
Daniel Tejada ◽  
Susana Giraldo ◽  
Andrea Restrepo ◽  
...  
Keyword(s):  
Open Source ◽  
Plant Viruses ◽  
Potato Viruses ◽  
Rnaseq Data
Sign in / Sign up

Export Citation Format

Share Document