{"id":"https://openalex.org/W7116844109","doi":"https://doi.org/10.1145/3727967.3756840","title":"The Role of Generative AI in Strengthening Secure Software Coding Practices: A Systematic Perspective","display_name":"The Role of Generative AI in Strengthening Secure Software Coding Practices: A Systematic Perspective","publication_year":2025,"publication_date":"2025-06-17","ids":{"openalex":"https://openalex.org/W7116844109","doi":"https://doi.org/10.1145/3727967.3756840"},"language":null,"primary_location":{"id":"doi:10.1145/3727967.3756840","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3727967.3756840","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 29th International Conference on Evaluation and Assessment in Software Engineering Companion","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3727967.3756840","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082656843","display_name":"Hathal Salamah Alwageed","orcid":"https://orcid.org/0000-0002-8262-8154"},"institutions":[{"id":"https://openalex.org/I199702508","display_name":"Jouf University","ror":"https://ror.org/02zsyt821","country_code":"SA","type":"education","lineage":["https://openalex.org/I199702508"]}],"countries":["SA"],"is_corresponding":true,"raw_author_name":"Hathal Salamah Alwageed","raw_affiliation_strings":["College of Computer and Information Sciences, Jouf University, Sakaka, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-8262-8154","affiliations":[{"raw_affiliation_string":"College of Computer and Information Sciences, Jouf University, Sakaka, Saudi Arabia","institution_ids":["https://openalex.org/I199702508"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5121122298","display_name":"Rafiq Ahmad Khan","orcid":null},"institutions":[{"id":"https://openalex.org/I68649149","display_name":"University of Malakand","ror":"https://ror.org/012xdha97","country_code":"PK","type":"education","lineage":["https://openalex.org/I68649149"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Rafiq Ahmad Khan","raw_affiliation_strings":["Software Engineering Research Group, Department of Computer Science and IT, University of Malakand, Malakand, Pakistan"],"raw_orcid":"https://orcid.org/0000-0003-4321-5557","affiliations":[{"raw_affiliation_string":"Software Engineering Research Group, Department of Computer Science and IT, University of Malakand, Malakand, Pakistan","institution_ids":["https://openalex.org/I68649149"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5082656843"],"corresponding_institution_ids":["https://openalex.org/I199702508"],"apc_list":null,"apc_paid":null,"fwci":1.2753,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.85629448,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"136","last_page":"141"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.6549999713897705,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.6549999713897705,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.10450000315904617,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.041600000113248825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.8162999749183655},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.6011000275611877},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.574999988079071},{"id":"https://openalex.org/keywords/coding","display_name":"Coding (social sciences)","score":0.5493000149726868},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.512499988079071},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.45649999380111694},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.366100013256073},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.3582000136375427},{"id":"https://openalex.org/keywords/best-practice","display_name":"Best practice","score":0.34850001335144043}],"concepts":[{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.8162999749183655},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6593000292778015},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.6011000275611877},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.574999988079071},{"id":"https://openalex.org/C179518139","wikidata":"https://www.wikidata.org/wiki/Q5140297","display_name":"Coding (social sciences)","level":2,"score":0.5493000149726868},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5464000105857849},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.512499988079071},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.45649999380111694},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4120999872684479},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.366100013256073},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.3582000136375427},{"id":"https://openalex.org/C184356942","wikidata":"https://www.wikidata.org/wiki/Q830382","display_name":"Best practice","level":2,"score":0.34850001335144043},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.335999995470047},{"id":"https://openalex.org/C74579156","wikidata":"https://www.wikidata.org/wiki/Q7554342","display_name":"Software peer review","level":5,"score":0.32739999890327454},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3249000012874603},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.3149000108242035},{"id":"https://openalex.org/C182500959","wikidata":"https://www.wikidata.org/wiki/Q7551380","display_name":"Social software engineering","level":5,"score":0.3068000078201294},{"id":"https://openalex.org/C39890963","wikidata":"https://www.wikidata.org/wiki/Q1702721","display_name":"Personal software process","level":5,"score":0.3052999973297119},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.29789999127388},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.29120001196861267},{"id":"https://openalex.org/C9903902","wikidata":"https://www.wikidata.org/wiki/Q3025536","display_name":"DevOps","level":3,"score":0.2888000011444092},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.26660001277923584},{"id":"https://openalex.org/C123551368","wikidata":"https://www.wikidata.org/wiki/Q7122888","display_name":"Package development process","level":5,"score":0.2574999928474426},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.2572000026702881},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.2558000087738037}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3727967.3756840","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3727967.3756840","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 29th International Conference on Evaluation and Assessment in Software Engineering Companion","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3727967.3756840","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3727967.3756840","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 29th International Conference on Evaluation and Assessment in Software Engineering Companion","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.5900599360466003,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W1999798506","https://openalex.org/W2106956101","https://openalex.org/W4205791736","https://openalex.org/W4214532693","https://openalex.org/W4223972832","https://openalex.org/W4285172359","https://openalex.org/W4378448767","https://openalex.org/W4383498485","https://openalex.org/W4383598006","https://openalex.org/W4385692946","https://openalex.org/W4385755118","https://openalex.org/W4386987324","https://openalex.org/W4387763040","https://openalex.org/W4390191336","https://openalex.org/W4390561469","https://openalex.org/W4401209860","https://openalex.org/W4403714226","https://openalex.org/W4404035265","https://openalex.org/W4404288033","https://openalex.org/W4407414557"],"related_works":[],"abstract_inverted_index":{"As":[0],"software":[1,25,52,105,116,151,168],"security":[2,95],"threats":[3],"continue":[4],"to":[5,82,93,159],"evolve,":[6],"the":[7,41,64,83,99,132,137,140,160],"demand":[8],"for":[9,30],"innovative":[10],"ways":[11],"of":[12,20,43,66,78,139,146],"securing":[13],"coding":[14,33,48,101],"has":[15],"tremendously":[16],"grown.":[17],"The":[18],"integration":[19],"Generative":[21],"AI":[22,67,147,164],"(GenAI)":[23],"into":[24,125],"development":[26,106,128],"holds":[27],"significant":[28],"potential":[29,57],"improving":[31,51],"secure":[32,47,100,127,150,167],"practices.":[34],"This":[35],"paper":[36],"aims":[37],"at":[38],"systematically":[39],"studying":[40],"impact":[42],"GenAI":[44,124,134],"in":[45,122,149,154,166],"enhancing":[46],"practices":[49],"from":[50],"security,":[53],"setting":[54],"forth":[55],"its":[56],"benefits,":[58],"challenges,":[59],"and":[60,85,103,118,143],"implications.":[61],"To":[62],"outline":[63],"contribution":[65],"driven":[68],"code":[69],"generation":[70],"tools,":[71],"we":[72],"analyze":[73],"via":[74],"a":[75,126],"structured":[76],"review":[77],"recent":[79],"literature,":[80],"application":[81],"industry,":[84],"empirical":[86],"studies":[87],"on":[88,163],"how":[89],"these":[90],"tools":[91],"help":[92],"mitigate":[94],"risks,":[96],"comply":[97],"with":[98],"standards,":[102],"make":[104],"efficient.":[107],"We":[108],"hope":[109],"that":[110],"our":[111],"findings":[112],"will":[113],"benefit":[114],"researchers,":[115],"engineers":[117],"cybersecurity":[119],"professionals":[120],"alike":[121],"integrating":[123],"workflow":[129],"without":[130],"losing":[131],"advantages":[133],"provides.":[135],"Finally,":[136],"state":[138],"art":[141],"advances":[142],"future":[144],"directions":[145],"assisted":[148,165],"engineering":[152],"discussed":[153],"this":[155],"study":[156],"can":[157],"contribute":[158],"ongoing":[161],"discourse":[162],"engineering.":[169]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2025-12-23T23:15:37.779995","created_date":"2025-12-23T00:00:00"}