TY - CONF
AU - Luo, Linghui
AU - Piskachev, Goran
AU - Krishnamurthy, Ranjith
AU - Dolby, Julian
AU - Schäf, Martin
AU - Bodden, Eric
ID - 41812
T2 - IEEE International Conference on Software Testing, Verification and Validation (ICST)
TI - Model Generation For Java Frameworks
ER -

TY - CONF
AU - Trentinaglia, Roman
AU - Merschjohann, Sven
AU - Fockel, Markus
AU - Eikerling, Hendrik
ID - 43395
SN - 0302-9743
T2 - REFSQ 2023: Requirements Engineering: Foundation for Software Quality
TI - Eliciting Security Requirements – An Experience Report
ER -

TY - JOUR
AB - The use of static analysis security testing (SAST) tools has been increasing in recent years. However, previous studies have shown that, when shipped to end users such as development or security teams, the findings of these tools are often unsatisfying. Users report high numbers of false positives or long analysis times, making the tools unusable in the daily workflow. To address this, SAST tool creators provide a wide range of configuration options, such as customization of rules through domain-specific languages or specification of the application-specific analysis scope. In this paper, we study the configuration space of selected existing SAST tools when used within the integrated development environment (IDE). We focus on the configuration options that impact three dimensions, for which a trade-off is unavoidable, i.e., precision, recall, and analysis runtime. We perform a between-subjects user study with 40 users from multiple development and security teams - to our knowledge, the largest population for this kind of user study in the software engineering community. The results show that users who configure SAST tools are more effective in resolving security vulnerabilities detected by the tools than those using the default configuration. Based on post-study interviews, we identify common strategies that users have while configuring the SAST tools to provide further insights for tool creators. Finally, an evaluation of the configuration options of two commercial SAST tools, Fortify and CheckMarx, reveals that a quarter of the users do not understand the configuration options provided. The configuration options that are found most useful relate to the analysis scope.
AU - Piskachev, Goran
AU - Becker, Matthias
AU - Bodden, Eric
ID - 49439
IS - 5
JF - Empirical Software Engineering
KW - Software
SN - 1382-3256
TI - Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study
VL - 28
ER -

TY - CONF
AU - Fockel, Markus
AU - Schubert, David
AU - Trentinaglia, Roman
AU - Schulz, Hannes
AU - Kirmair, Wolfgang
ID - 29847
T2 - Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development
TI - Semi-automatic Integrated Safety and Security Analysis for Automotive Systems
ER -

TY - CONF
AU - Koch, Thorsten
AU - Trippel, Sascha
AU - Dziwok, Stefan
AU - Bodden, Eric
ID - 29844
T2 - Proceedings of the 10th International Conference on Model-Driven Engineering and Software Development
TI - Integrating Security Protocols in Scenario-based Requirements Specifications
ER -

TY - CONF
AU - Trentinaglia, Roman
ID - 34298
T2 - Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion Proceedings
TI - Deriving model-based safety and security assurance cases from design rationale of countermeasure patterns
ER -

TY - JOUR
AB - Distributed, software-intensive systems (e.g., in the automotive sector) must fulfill communication requirements under hard real-time constraints. The requirements have to be documented and validated carefully using a systematic requirements engineering (RE) approach, for example, by applying scenario-based requirements notations. The resources of the execution platforms and their properties (e.g., CPU frequency or bus throughput) induce effects on the timing behavior, which may lead to violations of the real-time requirements. Nowadays, the platform properties and their induced timing effects are verified against the real-time requirements by means of timing analysis techniques mostly implemented in commercial-off-the-shelf tools. However, such timing analyses are conducted in late development phases since they rely on artifacts produced during these phases (e.g., the platform-specific code). In order to enable early timing analyses already during RE, we extend a scenario-based requirements notation with allocation means to platform models and define operational semantics for the purpose of simulation-based, platform-aware timing analyses. We illustrate and evaluate the approach with an automotive software-intensive system.
AU - Holtmann, Jörg
AU - Deantoni, Julien
AU - Fockel, Markus
ID - 31071
JF - Software and Systems Modeling
KW - Modeling and Simulation
KW - Software
SN - 1619-1366
TI - Early timing analysis based on scenario requirements and platform models
ER -

TY - JOUR
AU - Piskachev, Goran
AU - Späth, Johannes
AU - Budde, Ingo
AU - Bodden, Eric
ID - 33836
IS - 5
JF - Empirical Software Engineering
TI - Fluently specifying taint-flow queries with fluentTQL
VL - 27
ER -

TY - CONF
AU - Krishnamurthy, Ranjith
AU - Piskachev, Goran
AU - Bodden, Eric
ID - 33838
TI - To what extent can we analyze Kotlin programs using existing Java taint analysis tools?
ER -

TY - CONF
AU - Piskachev, Goran
AU - Dziwok, Stefan
AU - Koch, Thorsten
AU - Merschjohann, Sven
AU - Bodden, Eric
ID - 33837
TI - How far are German companies in improving security through static program analysis tools?
ER -