{"id":"https://openalex.org/W4313412728","doi":"https://doi.org/10.1109/csit56902.2022.10000561","title":"Open Source Software Computed Risk Framework","display_name":"Open Source Software Computed Risk Framework","publication_year":2022,"publication_date":"2022-11-10","ids":{"openalex":"https://openalex.org/W4313412728","doi":"https://doi.org/10.1109/csit56902.2022.10000561"},"language":"en","primary_location":{"id":"doi:10.1109/csit56902.2022.10000561","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csit56902.2022.10000561","pdf_url":null,"source":{"id":"https://openalex.org/S4363608244","display_name":"2022 IEEE 17th International Conference on Computer Sciences and Information Technologies (CSIT)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE 17th International Conference on Computer Sciences and Information Technologies (CSIT)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081545907","display_name":"S. Jonathan Chapman","orcid":"https://orcid.org/0000-0003-3347-6024"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Jon Chapman","raw_affiliation_strings":["University of California,One Shields Avenue Davis,DavisDepartment of Computer Science,CA,95616"],"affiliations":[{"raw_affiliation_string":"University of California,One Shields Avenue Davis,DavisDepartment of Computer Science,CA,95616","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044701606","display_name":"Hari Venugopalan","orcid":"https://orcid.org/0000-0001-7607-7256"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hari Venugopalan","raw_affiliation_strings":["University of California,One Shields Avenue Davis,DavisDepartment of Computer Science,CA,95616"],"affiliations":[{"raw_affiliation_string":"University of California,One Shields Avenue Davis,DavisDepartment of Computer Science,CA,95616","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5081545907"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.27711717,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"16","issue":null,"first_page":"172","last_page":"175"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7179316282272339},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6359802484512329},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.6121770143508911},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.597558319568634},{"id":"https://openalex.org/keywords/open-source-software","display_name":"Open source software","score":0.5849481225013733},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5574806928634644},{"id":"https://openalex.org/keywords/code-review","display_name":"Code review","score":0.536626398563385},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.525702714920044},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.47662317752838135},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4332921504974365},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4093111753463745},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.40211260318756104},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.27744412422180176},{"id":"https://openalex.org/keywords/software-quality","display_name":"Software quality","score":0.19193753600120544},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.13258010149002075},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.13161060214042664},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.07171773910522461}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7179316282272339},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6359802484512329},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.6121770143508911},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.597558319568634},{"id":"https://openalex.org/C2988343187","wikidata":"https://www.wikidata.org/wiki/Q1130645","display_name":"Open source software","level":3,"score":0.5849481225013733},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5574806928634644},{"id":"https://openalex.org/C150292731","wikidata":"https://www.wikidata.org/wiki/Q1342704","display_name":"Code review","level":5,"score":0.536626398563385},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.525702714920044},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.47662317752838135},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4332921504974365},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4093111753463745},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40211260318756104},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.27744412422180176},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.19193753600120544},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.13258010149002075},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.13161060214042664},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.07171773910522461},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csit56902.2022.10000561","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/csit56902.2022.10000561","pdf_url":null,"source":{"id":"https://openalex.org/S4363608244","display_name":"2022 IEEE 17th International Conference on Computer Sciences and Information Technologies (CSIT)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE 17th International Conference on Computer Sciences and Information Technologies (CSIT)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1992114977","https://openalex.org/W2140952846","https://openalex.org/W2789570312","https://openalex.org/W2929275958","https://openalex.org/W2963926786","https://openalex.org/W2982485630","https://openalex.org/W3006556904","https://openalex.org/W3109049172","https://openalex.org/W4205791736","https://openalex.org/W4220954340","https://openalex.org/W4401384187","https://openalex.org/W6643459645","https://openalex.org/W6871589146"],"related_works":["https://openalex.org/W4376877853","https://openalex.org/W1493891899","https://openalex.org/W4250928611","https://openalex.org/W166480398","https://openalex.org/W1612808768","https://openalex.org/W2113128227","https://openalex.org/W2491403535","https://openalex.org/W632256878","https://openalex.org/W2104915799","https://openalex.org/W4311938462"],"abstract_inverted_index":{"The":[0,79,102],"increased":[1],"dissemination":[2,19],"of":[3,20,141,155,196],"open":[4,137],"source":[5,138],"software":[6,49,55],"to":[7,13,37,47,67,117,123,129,165,190],"a":[8,14,43,48,69,86,89,125,171,191],"broader":[9],"audience":[10],"has":[11],"led":[12],"proportional":[15],"increase":[16],"in":[17,127,193,201],"the":[18,39,60,96,105,108,142,175,194,202],"vulnerabilities.":[21],"These":[22],"vulnerabilities":[23,115,198],"are":[24,150,179],"introduced":[25,132,197],"by":[26,65,133],"developers,":[27],"some":[28],"intentionally":[29],"or":[30],"negligently.":[31],"In":[32],"this":[33,95,122,167,187],"paper,":[34],"we":[35,93],"work":[36],"quantity":[38,130],"relative":[40],"risk":[41,131,143,168],"that":[42,178],"given":[44],"developer":[45],"represents":[46,104],"project.":[50],"We":[51,120,163,185],"propose":[52],"using":[53],"empirical":[54],"engineering":[56],"based":[57],"analysis":[58],"on":[59,77],"vast":[61],"data":[62],"made":[63],"available":[64],"GitHub":[66,159],"create":[68],"Developer":[70,109],"Risk":[71,110],"Score":[72,100],"(DRS)":[73],"for":[74,146,174,181,199],"prolific":[75],"contributors":[76,147],"GitHub.":[78,162],"DRS":[80],"can":[81],"then":[82],"be":[83,124],"aggregated":[84],"across":[85,112,136],"project":[87,176],"as":[88,170],"derived":[90,151],"vulnerability":[91],"assessment,":[92],"call":[94],"Computational":[97],"Vulnerability":[98],"Assessment":[99],"(CVAS).":[101],"CVAS":[103],"correlation":[106],"between":[107],"score":[111],"projects":[113,200],"and":[114,148,160],"attributed":[116],"those":[118,145],"projects.":[119,139],"believe":[121],"contribution":[126],"trying":[128],"specific":[134],"developers":[135],"Both":[140],"scores,":[144],"projects,":[149],"from":[152,158],"an":[153],"amalgamation":[154],"data,":[156],"both":[157],"outside":[161],"seek":[164],"provide":[166],"metric":[169],"force":[172],"multiplier":[173],"maintainers":[177],"responsible":[180],"reviewing":[182],"code":[183],"contributions.":[184],"hope":[186],"will":[188],"lead":[189],"reduction":[192],"number":[195],"Open":[203],"Source":[204],"ecosystem.":[205]},"counts_by_year":[],"updated_date":"2025-12-23T23:11:35.936235","created_date":"2025-10-10T00:00:00"}