default search action
Laurie A. Williams
Person information
- affiliation: North Carolina State University, Raleigh, USA
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
2020 – today
- 2024
- [j86]Sarah Elder, Md. Rayhanur Rahman, Gage Fringer, Kunal Kapoor, Laurie A. Williams:
A Survey on Software Vulnerability Exploitability Assessment. ACM Comput. Surv. 56(8): 205:1-205:41 (2024) - [j85]Laurie A. Williams:
Narrowing the Software Supply Chain Attack Vectors: The SSDF Is Wonderful but not Enough. IEEE Secur. Priv. 22(2): 4-7 (2024) - [j84]Rezvan Mahdavi-Hezaveh, Sameeha Fatima, Laurie A. Williams:
Paving a Path for a Combined Family of Feature Toggle and Configuration Option Research. ACM Trans. Softw. Eng. Methodol. 33(7): 172:1-172:27 (2024) - [c194]Nusrat Zahan, Philipp Burckhardt, Mikola Lysenko, Feross Aboukhadijeh, Laurie A. Williams:
MalwareBench: Malware samples are not enough. MSR 2024: 728-732 - [c193]Sivana Hamer, Marcelo d'Amorim, Laurie A. Williams:
Just another copy and paste? Comparing the security vulnerabilities of ChatGPT generated code and StackOverflow answers. SP (Workshops) 2024: 87-94 - [d1]Sivana Hamer, Marcelo d'Amorim, Laurie A. Williams:
Just another copy and paste? Comparing the security vulnerabilities of ChatGPT generated code and StackOverflow answers. Zenodo, 2024 - [i49]Md. Rayhanur Rahman, Setu Kumar Basak, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
Attackers reveal their arsenal: An investigation of adversarial techniques in CTI reports. CoRR abs/2401.01865 (2024) - [i48]Md. Rayhanur Rahman, Brandon Wroblewski, Quinn Matthews, Brantley Morgan, Tim Menzies, Laurie A. Williams:
Mining Temporal Attack Patterns from Cyberthreat Intelligence Reports. CoRR abs/2401.01883 (2024) - [i47]Nusrat Zahan, Philipp Burckhardt, Mikola Lysenko, Feross Aboukhadijeh, Laurie A. Williams:
Shifting the Lens: Detecting Malware in npm Ecosystem with Large Language Models. CoRR abs/2403.12196 (2024) - [i46]Sivana Hamer, Marcelo d'Amorim, Laurie A. Williams:
Just another copy and paste? Comparing the security vulnerabilities of ChatGPT generated code and StackOverflow answers. CoRR abs/2403.15600 (2024) - [i45]Imranur Rahman, Nusrat Zahan, Stephen Magill, William Enck, Laurie A. Williams:
Characterizing Dependency Update Practice of NPM, PyPI and Cargo Packages. CoRR abs/2403.17382 (2024) - [i44]Setu Kumar Basak, K. Virgil English, Ken Ogura, Vitesh Kambara, Bradley Reaves, Laurie A. Williams:
AssetHarvester: A Static Analysis Tool for Detecting Assets Protected by Secrets in Software Artifacts. CoRR abs/2403.19072 (2024) - [i43]Laurie A. Williams, Sammy Migues, Jamie Boote, Ben Hutchison:
Proactive Software Supply Chain Risk Management Framework (P-SSCRM) Version 1. CoRR abs/2404.12300 (2024) - [i42]Greg Tystahl, Yasemin Acar, Michel Cukier, William Enck, Christian Kästner, Alexandros Kapravelos, Dominik Wermke, Laurie A. Williams:
S3C2 Summit 2024-03: Industry Secure Supply Chain Summit. CoRR abs/2405.08762 (2024) - [i41]Sivana Hamer, Nasif Imtiaz, Mahzabin Tamanna, Preya Shabrina, Laurie A. Williams:
Trusting code in the wild: Exploring contributor reputation measures to review dependencies in the Rust ecosystem. CoRR abs/2406.10317 (2024) - [i40]Imranur Rahman, Ranidya Paramitha, Henrik Plate, Dominik Wermke, Laurie A. Williams:
Less Is More: A Mixed-Methods Study on Security-Sensitive API Calls in Java for Better Dependency Selection. CoRR abs/2408.02846 (2024) - [i39]Nusrat Zahan, Yasemin Acar, Michel Cukier, William Enck, Christian Kästner, Alexandros Kapravelos, Dominik Wermke, Laurie A. Williams:
S3C2 Summit 2023-11: Industry Secure Supply Chain Summit. CoRR abs/2408.16529 (2024) - [i38]Mahzabin Tamanna, Sivana Hamer, Mindy Tran, Sascha Fahl, Yasemin Acar, Laurie A. Williams:
Unraveling Challenges with Supply-Chain Levels for Software Artifacts (SLSA) for Securing the Software Supply Chain. CoRR abs/2409.05014 (2024) - 2023
- [j83]Md. Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
What Are the Attackers Doing Now? Automating Cyberthreat Intelligence Extraction from Text on Pace with the Changing Threat Landscape: A Survey. ACM Comput. Surv. 55(12): 241:1-241:36 (2023) - [j82]Carl E. Landwehr, Michael K. Reiter, Laurie A. Williams, Gene Tsudik, Trent Jaeger, Tadayoshi Kohno, Apu Kapadia:
Looking Backwards (and Forwards): NSF Secure and Trustworthy Computing 20-Year Retrospective Panel Transcription. IEEE Secur. Priv. 21(2): 32-42 (2023) - [j81]Nusrat Zahan, Elizabeth Lin, Mahzabin Tamanna, William Enck, Laurie A. Williams:
Software Bills of Materials Are Required. Are We There Yet? IEEE Secur. Priv. 21(2): 82-88 (2023) - [j80]Fabio Massacci, Laurie A. Williams:
Software Supply Chain Security [Guest Editors' Introduction]. IEEE Secur. Priv. 21(6): 8-10 (2023) - [j79]Nusrat Zahan, Parth Kanakiya, Brian Hambleton, Shohanuzzaman Shohan, Laurie A. Williams:
OpenSSF Scorecard: On the Path Toward Ecosystem-Wide Automated Security Metrics. IEEE Secur. Priv. 21(6): 76-88 (2023) - [j78]Nasif Imtiaz, Aniqa Khanom, Laurie A. Williams:
Open or Sneaky? Fast or Slow? Light or Heavy?: Investigating Security Releases of Open Source Packages. IEEE Trans. Software Eng. 49(4): 1540-1560 (2023) - [j77]Nasif Imtiaz, Laurie A. Williams:
Are Your Dependencies Code Reviewed?: Measuring Code Review Coverage in Dependency Updates. IEEE Trans. Software Eng. 49(11): 4932-4945 (2023) - [c192]Setu Kumar Basak, Jamison Cox, Bradley Reaves, Laurie A. Williams:
A Comparative Study of Software Secrets Reporting by Secret Detection Tools. ESEM 2023: 1-12 - [c191]Nusrat Zahan, Shohanuzzaman Shohan, Dan Harris, Laurie A. Williams:
Do Software Security Practices Yield Fewer Vulnerabilities? ICSE-SEIP 2023: 292-303 - [c190]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts? ICSE 2023: 1635-1647 - [c189]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
SecretBench: A Dataset of Software Secrets. MSR 2023: 347-351 - [i37]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts? CoRR abs/2301.12377 (2023) - [i36]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
SecretBench: A Dataset of Software Secrets. CoRR abs/2303.06729 (2023) - [i35]Nasif Imtiaz, Preya Shabrina, Laurie A. Williams:
Trusting code in the wild: A social network-based centrality rating for developers in the Rust ecosystem. CoRR abs/2306.00240 (2023) - [i34]Setu Kumar Basak, Jamison Cox, Bradley Reaves, Laurie A. Williams:
A Comparative Study of Software Secrets Reporting by Secret Detection Tools. CoRR abs/2307.00714 (2023) - [i33]Mindy Tran, Yasemin Acar, Michel Cucker, William Enck, Alexandros Kapravelos, Christian Kästner, Laurie A. Williams:
S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit. CoRR abs/2307.15642 (2023) - [i32]Trevor Dunlap, Yasemin Acar, Michel Cucker, William Enck, Alexandros Kapravelos, Christian Kästner, Laurie A. Williams:
S3C2 Summit 2023-02: Industry Secure Supply Chain Summit. CoRR abs/2307.16557 (2023) - [i31]William Enck, Yasemin Acar, Michel Cukier, Alexandros Kapravelos, Christian Kästner, Laurie A. Williams:
S3C2 Summit 2023-06: Government Secure Supply Chain Summit. CoRR abs/2308.06850 (2023) - [i30]Aishwarya Seth, Saikath Bhattacharya, Sarah Elder, Nusrat Zahan, Laurie A. Williams:
Comparing Effectiveness and Efficiency of Interactive Application Security Testing (IAST) and Runtime Application Self-Protection (RASP) Tools in a Large Java-based System. CoRR abs/2312.17726 (2023) - [i29]Eric Bodden, Sam Weber, Laurie A. Williams:
Empirical Evaluation of Secure Development Processes (Dagstuhl Seminar 23181). Dagstuhl Reports 13(5): 1-21 (2023) - 2022
- [j76]Rui Shu, Tianpei Xia, Laurie A. Williams, Tim Menzies:
Omni: automated ensemble with unexpected models against adversarial evasion attack. Empir. Softw. Eng. 27(1): 26 (2022) - [j75]Md. Rayhanur Rahman, Nasif Imtiaz, Margaret-Anne D. Storey, Laurie A. Williams:
Why secret detection tools are not enough: It's not just about false positives - An industrial case study. Empir. Softw. Eng. 27(3): 59 (2022) - [j74]Sarah Elder, Nusrat Zahan, Rui Shu, Monica Metro, Valeri Kozarev, Tim Menzies, Laurie A. Williams:
Do I really need all this work to find vulnerabilities? Empir. Softw. Eng. 27(6): 154 (2022) - [j73]William Enck, Laurie A. Williams:
Top Five Challenges in Software Supply Chain Security: Observations From 30 Industry and Government Organizations. IEEE Secur. Priv. 20(2): 96-100 (2022) - [j72]Laurie A. Williams:
Trusting Trust: Humans in the Software Supply Chain Loop. IEEE Secur. Priv. 20(5): 7-10 (2022) - [j71]Charles Weir, Sammy Migues, Laurie A. Williams:
Exploring the Shift in Security Responsibility. IEEE Secur. Priv. 20(6): 8-17 (2022) - [j70]Rezvan Mahdavi-Hezaveh, Nirav Ajmeri, Laurie A. Williams:
Feature toggles as code: Heuristics and metrics for structuring feature toggles. Inf. Softw. Technol. 145: 106813 (2022) - [c188]Nusrat Zahan, Thomas Zimmermann, Patrice Godefroid, Brendan Murphy, Chandra Shekhar Maddila, Laurie A. Williams:
What are Weak Links in the npm Supply Chain? ICSE (SEIP) 2022: 331-340 - [c187]Rui Shu, Tianpei Xia, Laurie A. Williams, Tim Menzies:
Dazzle: Using Optimized Generative Adversarial Networks to Address Security Data Class Imbalance Issue. MSR 2022: 144-155 - [c186]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
What are the Practices for Secret Management in Software Artifacts? SecDev 2022: 69-76 - [i28]Rui Shu, Tianpei Xia, Laurie A. Williams, Tim Menzies:
Dazzle: Using Optimized Generative Adversarial Networks to Address Security Data Class Imbalance Issue. CoRR abs/2203.11410 (2022) - [i27]Rui Shu, Tianpei Xia, Huy Tu, Laurie A. Williams, Tim Menzies:
Reducing the Cost of Training Security Classifier (via Optimized Semi-Supervised Learning). CoRR abs/2205.00665 (2022) - [i26]Nasif Imtiaz, Laurie A. Williams:
Phantom Artifacts & Code Review Coverage in Dependency Updates. CoRR abs/2206.09422 (2022) - [i25]Sarah Elder, Nusrat Zahan, Rui Shu, Monica Metro, Valeri Kozarev, Tim Menzies, Laurie A. Williams:
Do I really need all this work to find vulnerabilities? An empirical case study comparing vulnerability detection techniques on a Java application. CoRR abs/2208.01595 (2022) - [i24]Nusrat Zahan, Parth Kanakiya, Brian Hambleton, Shohanuzzaman Shohan, Laurie A. Williams:
PREPRINT: Can the OpenSSF Scorecard be used to measure the security posture of npm and PyPI? CoRR abs/2208.03412 (2022) - [i23]Setu Kumar Basak, Lorenzo Neil, Bradley Reaves, Laurie A. Williams:
What are the Practices for Secret Management in Software Artifacts? CoRR abs/2208.11280 (2022) - [i22]Md. Rayhanur Rahman, Laurie A. Williams:
From Threat Reports to Continuous Threat Intelligence: A Comparison of Attack Technique Extraction Methods from Textual Artifacts. CoRR abs/2210.02601 (2022) - [i21]Nusrat Zahan, Shohanuzzaman Shohan, Dan Harris, Laurie A. Williams:
PREPRINT: Do OpenSSF Scorecard Practices Contribute to Fewer Vulnerabilities? CoRR abs/2210.14884 (2022) - [i20]Md. Rayhanur Rahman, Laurie A. Williams:
Investigating co-occurrences of MITRE ATT\&CK Techniques. CoRR abs/2211.06495 (2022) - [i19]Md. Rayhanur Rahman, Laurie A. Williams:
An investigation of security controls and MITRE ATT&CK techniques. CoRR abs/2211.06500 (2022) - [i18]Rezvan Mahdavi-Hezaveh, Sameeha Fatima, Laurie A. Williams:
An Extended Model of Software Configuration. CoRR abs/2212.00505 (2022) - 2021
- [j69]Rezvan Mahdavi-Hezaveh, Jacob Dremann, Laurie A. Williams:
Software development with feature toggles: practices used by practitioners. Empir. Softw. Eng. 26(1): 1 (2021) - [j68]Rui Shu, Tianpei Xia, Jianfeng Chen, Laurie A. Williams, Tim Menzies:
How to Better Distinguish Security Bug Reports (Using Dual Hyperparameter Optimization). Empir. Softw. Eng. 26(3): 53 (2021) - [j67]Laurie A. Williams:
The People Who Live in Glass Houses Are Happy the Stones Weren't Thrown at Them [From the Editors]. IEEE Secur. Priv. 19(3): 4-7 (2021) - [j66]Akond Rahman, Laurie A. Williams:
Different Kind of Smells: Security Smells in Infrastructure as Code Scripts. IEEE Secur. Priv. 19(3): 33-41 (2021) - [j65]Akond Rahman, Md. Rayhanur Rahman, Chris Parnin, Laurie A. Williams:
Security Smells in Ansible and Chef Scripts: A Replication Study. ACM Trans. Softw. Eng. Methodol. 30(1): 3:1-3:31 (2021) - [j64]Zhe Yu, Christopher Theisen, Laurie A. Williams, Tim Menzies:
Improving Vulnerability Inspection Efficiency Using Active Learning. IEEE Trans. Software Eng. 47(11): 2401-2420 (2021) - [c185]Nasif Imtiaz, Seaver Thorn, Laurie A. Williams:
A comparative study of vulnerability reporting by software composition analysis tools. ESEM 2021: 5:1-5:11 - [c184]Sarah Elder, Nusrat Zahan, Valeri Kozarev, Rui Shu, Tim Menzies, Laurie A. Williams:
Structuring a Comprehensive Software Security Course Around the OWASP Application Security Verification Standard. ICSE (SEET) 2021: 95-104 - [c183]Saikath Bhattacharya, Munindar P. Singh, Laurie A. Williams:
Software Security Readiness and Deployment. ISSRE Workshops 2021: 298-299 - [c182]Charles Weir, Sammy Migues, Mike Ware, Laurie A. Williams:
Infiltrating security into development: exploring the world's largest software security study. ESEC/SIGSOFT FSE 2021: 1326-1336 - [i17]Sarah Elder, Nusrat Zahan, Val Kozarev, Rui Shu, Tim Menzies, Laurie A. Williams:
Structuring a Comprehensive Software Security Course Around the OWASP Application Security Verification Standard. CoRR abs/2103.05088 (2021) - [i16]Nasif Imtiaz, Laurie A. Williams:
Memory Error Detection in Security Testing. CoRR abs/2104.04385 (2021) - [i15]Nasif Imtiaz, Seaver Thorn, Laurie A. Williams:
A Comparative Study of Vulnerability Reporting by Software Composition Analysis Tools. CoRR abs/2108.12078 (2021) - [i14]Md. Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
What are the attackers doing now? Automating cyber threat intelligence extraction from text on pace with the changing threat landscape: A survey. CoRR abs/2109.06808 (2021) - [i13]Nasif Imtiaz, Aniqa Khanom, Laurie A. Williams:
Open or Sneaky? Fast or Slow? Light or Heavy?: Investigating Security Releases of Open Source Packages. CoRR abs/2112.06804 (2021) - [i12]Nusrat Zahan, Laurie A. Williams, Thomas Zimmermann, Patrice Godefroid, Brendan Murphy, Chandra Shekhar Maddila:
What are Weak Links in the npm Supply Chain? CoRR abs/2112.10165 (2021) - 2020
- [j63]Hui Guo, Özgür Kafali, Anne-Liz Jeukeng, Laurie A. Williams, Munindar P. Singh:
Çorba: crowdsourcing to obtain requirements from regulations and breaches. Empir. Softw. Eng. 25(1): 532-561 (2020) - [j62]Akond Rahman, Effat Farhana, Laurie A. Williams:
The 'as code' activities: development anti-patterns for infrastructure as code. Empir. Softw. Eng. 25(5): 3430-3467 (2020) - [j61]Christopher Theisen, Laurie A. Williams:
Better together: Comparing vulnerability prediction models. Inf. Softw. Technol. 119 (2020) - [j60]Mehdi Mirakhorli, Matthias Galster, Laurie A. Williams:
Understanding Software Security from Design to Deployment. ACM SIGSOFT Softw. Eng. Notes 45(2): 25-26 (2020) - [c181]Md. Rayhanur Rahman, William Enck, Laurie A. Williams:
Do configuration management tools make systems more secure?: an empirical research plan. HotSoS 2020: 23:1-23:2 - [c180]Md. Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
A Literature Review on Mining Cyberthreat Intelligence from Unstructured Texts. ICDM (Workshops) 2020: 516-525 - [c179]Akond Rahman, Effat Farhana, Chris Parnin, Laurie A. Williams:
Gang of eight: a defect taxonomy for infrastructure as code scripts. ICSE 2020: 752-764 - [i11]Akond Rahman, Effat Farhana, Laurie A. Williams:
The 'as Code' Activities: Development Anti-patterns for Infrastructure as Code. CoRR abs/2006.00177 (2020) - [i10]Rui Shu, Tianpei Xia, Laurie A. Williams, Tim Menzies:
Omni: Automated Ensemble with Unexpected Models against Adversarial Evasion Attack. CoRR abs/2011.12720 (2020)
2010 – 2019
- 2019
- [j59]Laurie A. Williams:
Science Leaves Clues. IEEE Secur. Priv. 17(5): 4-6 (2019) - [j58]Inger Anne Tøndel, Martin Gilje Jaatun, Daniela Soares Cruzes, Laurie A. Williams:
Collaborative security risk estimation in agile software development. Inf. Comput. Secur. 27(4) (2019) - [j57]Akond Rahman, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
A systematic mapping study of infrastructure as code research. Inf. Softw. Technol. 108: 65-77 (2019) - [j56]Akond Rahman, Laurie A. Williams:
Source code properties of defective infrastructure as code scripts. Inf. Softw. Technol. 112: 148-163 (2019) - [c178]Nuthan Munaiah, Akond Rahman, Justin Pelletier, Laurie A. Williams, Andrew Meneely:
Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition. ESEM 2019: 1-6 - [c177]Akond Rahman, Laurie A. Williams:
A bird's eye view of knowledge needs related to penetration testing. HotSoS 2019: 9:1-9:2 - [c176]Nasif Imtiaz, Laurie A. Williams:
A synopsis of static analysis alerts on open source software. HotSoS 2019: 12:1-12:3 - [c175]Akond Rahman, Chris Parnin, Laurie A. Williams:
The seven sins: security smells in infrastructure as code scripts. ICSE 2019: 164-175 - [c174]Md. Rayhanur Rahman, Akond Rahman, Laurie A. Williams:
Share, But be Aware: Security Smells in Python Gists. ICSME 2019: 536-540 - [c173]Nasif Imtiaz, Brendan Murphy, Laurie A. Williams:
How Do Developers Act on Static Analysis Alerts? An Empirical Study of Coverity Usage. ISSRE 2019: 323-333 - [c172]Nasif Imtiaz, Akond Rahman, Effat Farhana, Laurie A. Williams:
Challenges with responding to static analysis tool alerts. MSR 2019: 245-249 - [i9]Rui Shu, Tianpei Xia, Laurie A. Williams, Tim Menzies:
Better Security Bug Report Classification via Hyperparameter Optimization. CoRR abs/1905.06872 (2019) - [i8]Rezvan Mahdavi-Hezaveh, Jacob Dremann, Laurie A. Williams:
Feature Toggle Driven Development: Practices usedby Practitioners. CoRR abs/1907.06157 (2019) - [i7]Akond Rahman, Md. Rayhanur Rahman, Chris Parnin, Laurie A. Williams:
Security Smells in Infrastructure as Code Scripts. CoRR abs/1907.07159 (2019) - [i6]Rui Shu, Tianpei Xia, Jianfeng Chen, Laurie A. Williams, Tim Menzies:
Improved Recognition of Security Bugs via Dual Hyperparameter Optimization. CoRR abs/1911.02476 (2019) - 2018
- [j55]Patrick Morrison, Rahul Pandita, Xusheng Xiao, Ram Chillarege, Laurie A. Williams:
Are vulnerabilities discovered and resolved like other defects? Empir. Softw. Eng. 23(3): 1383-1421 (2018) - [j54]Patrick Morrison, David Moye, Rahul Pandita, Laurie A. Williams:
Mapping the field of software life cycle security metrics. Inf. Softw. Technol. 102: 146-159 (2018) - [j53]Christopher Theisen, Nuthan Munaiah, Mahran Al-Zyoud, Jeffrey C. Carver, Andrew Meneely, Laurie A. Williams:
Attack surface definitions: A systematic literature review. Inf. Softw. Technol. 104: 94-103 (2018) - [j52]Laurie A. Williams, Gary McGraw, Sammy Migues:
Engineering Security Vulnerability Prevention, Detection, and Response. IEEE Softw. 35(5): 76-80 (2018) - [c171]Sarah Elder, Anna Mattapallil, Laurie A. Williams:
A comparative analysis of manual methods for analyzing security requirements in regulatory documents: POSTER. HotSoS 2018: 13:1 - [c170]Christopher Theisen, Laurie A. Williams:
How bad is it, really? an analysis of severity scores for vulnerabilities: poster. HotSoS 2018: 20:1 - [c169]Hui Guo, Özgür Kafali, Anne-Liz Jeukeng, Laurie A. Williams, Munindar P. Singh:
Toward extraction of security requirements from text: poster. HotSoS 2018: 27:1 - [c168]Laurie A. Williams:
Continuously integrating security. SEAD@ICSE 2018: 1-2 - [c167]Akond Rahman, Asif Partho, Patrick Morrison, Laurie A. Williams:
What questions do programmers ask about configuration as code? RCoSE@ICSE 2018: 16-22 - [c166]Akond Rahman, Jonathan Stallings, Laurie A. Williams:
Defect prediction metrics for infrastructure as code scripts in DevOps. ICSE (Companion Volume) 2018: 414-415 - [c165]Patrick Morrison, Tosin Daniel Oyetoyan, Laurie A. Williams:
Identifying security issues in software development: are keywords enough? ICSE (Companion Volume) 2018: 426-427 - [c164]Patrick J. Morrison, Rahul Pandita, Xusheng Xiao, Ram Chillarege, Laurie A. Williams:
Are vulnerabilities discovered and resolved like other defects? ICSE 2018: 498 - [c163]Akond Rahman, Laurie A. Williams:
Characterizing Defective Configuration Scripts Used for Continuous Deployment. ICST 2018: 34-45 - [c162]Christopher Theisen, Hyunwoo Sohn, Dawson Tripp, Laurie A. Williams:
BP: Profiling Vulnerabilities on the Attack Surface. SecDev 2018: 110-119 - [e9]Munindar P. Singh, Laurie A. Williams, Rick Kuhn, Tao Xie:
Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018, Raleigh, North Carolina, USA, April 10-11, 2018. ACM 2018 [contents] - [i5]Zhe Yu, Christopher Theisen, Hyunwoo Sohn, Laurie A. Williams, Tim Menzies:
Cost-aware Vulnerability Prediction: the HARMLESS Approach. CoRR abs/1803.06545 (2018) - [i4]Akond Rahman, Rezvan Mahdavi-Hezaveh, Laurie A. Williams:
Where Are The Gaps? A Systematic Mapping Study of Infrastructure as Code Research. CoRR abs/1807.04872 (2018) - [i3]Akond Rahman, Sarah Elder, Faysal Hossain Shezan, Vanessa Frost, Jonathan Stallings, Laurie A. Williams:
Categorizing Defects in Infrastructure as Code. CoRR abs/1809.07937 (2018) - [i2]Akond Rahman, Laurie A. Williams:
Source Code Properties of Defective Infrastructure as Code Scripts. CoRR abs/1810.09605 (2018) - 2017
- [j51]Laurie A. Williams, Doug Baldwin:
Highlights of the ACM student research competition. Commun. ACM 60(11): 5 (2017) - [j50]Maria Riaz, Jason Tyler King, John Slankas, Laurie A. Williams, Fabio Massacci, Christian Quesada-López, Marcelo Jenkins:
Identifying the implied: Findings from three differentiated replications on the use of security requirements templates. Empir. Softw. Eng. 22(4): 2127-2178 (2017) - [j49]Jason Tyler King, Jonathan Stallings, Maria Riaz, Laurie A. Williams:
To log, or not to log: using heuristics to identify mandatory log events - a controlled experiment. Empir. Softw. Eng. 22(5): 2684-2717 (2017) - [j48]Christopher Theisen, Marcel Dunaiski, Laurie A. Williams, Willem Visser:
Software Engineering Research at the International Conference on Software Engineering in 2016. ACM SIGSOFT Softw. Eng. Notes 42(4): 1-7 (2017) - [j47]Rahul Pandita, Raoul Jetley, Sithu D. Sudarsan, Tim Menzies, Laurie A. Williams:
TMAP: Discovering relevant API methods through text mining of API documentation. J. Softw. Evol. Process. 29(12) (2017) - [j46]Chris Parnin, Eric Helms, Chris Atlee, Harley Boughton, Mark Ghattas, Andy Glover, James Holman, John Micco, Brendan Murphy, Tony Savor, Michael Stumm, Shari Whitaker, Laurie A. Williams:
The Top 10 Adages in Continuous Deployment. IEEE Softw. 34(3): 86-95 (2017) - [c161]Christopher Theisen, Ted Zhu, Kevin M. Oliver, Laurie A. Williams:
Teaching Secure Software Development Through an Online Course. SecSE@ESORICS 2017: 19-33 - [c160]Morgan Burcham, Mahran Al-Zyoud, Jeffrey C. Carver, Mohammed Noraden Alsaleh, Hongying Du, Fida Gillani, Jun Jiang, Akond Rahman, Özgür Kafali, Ehab Al-Shaer, Laurie A. Williams:
Characterizing Scientific Reporting in Security Literature: An analysis of ACM CCS and IEEE S&P Papers. HotSoS 2017: 13-23 - [c159]Patrick Morrison, Benjamin H. Smith, Laurie A. Williams:
Surveying Security Practice Adherence in Software Development. HotSoS 2017: 85-94 - [c158]Patrick Morrison, Benjamin H. Smith, Laurie A. Williams:
Measuring Security Practice Use: A Case Study at IBM. CESI@ICSE 2017: 16-22 - [c157]Akond Rahman, Asif Partho, David Meder, Laurie A. Williams:
Which Factors Influence Practitioners' Usage of Build Automation Tools? RCoSE@ICSE 2017: 20-26 - [c156]Katja Kevic, Brendan Murphy, Laurie A. Williams, Jennifer Beckmann:
Characterizing Experimentation in Continuous Deployment: A Case Study on Bing. ICSE-SEIP 2017: 123-132 - [c155]Akond Rahman, Priysha Pradhan, Asif Partho, Laurie A. Williams:
Predicting Android Application Security and Privacy Risk with Static Code Metrics. MOBILESoft@ICSE 2017: 149-153 - [c154]Christopher Theisen, Kim Herzig, Brendan Murphy, Laurie A. Williams:
Risk-Based Attack Surface Approximation: How Much Data Is Enough? ICSE-SEIP 2017: 273-282 - [c153]Christopher Theisen, Marcel Dunaiski, Laurie A. Williams, Willem Visser:
Writing good software engineering research papers: revisited. ICSE (Companion Volume) 2017: 402 - [c152]Özgür Kafali, Jasmine Jones, Megan Petruso, Laurie A. Williams, Munindar P. Singh:
How good is a security policy against real breaches?: a HIPAA case study. ICSE 2017: 530-540 - [c151]Mahran Al-Zyoud, Laurie A. Williams, Jeffrey C. Carver:
Step One Towards Science of Security. SafeConfig@CCS 2017: 31-35 - [c150]Laurie A. Williams:
The rising tide lifts all boats: the advancement of science in cyber security (invited talk). ESEC/SIGSOFT FSE 2017: 1 - [c149]Laurie A. Williams:
Building forensics in: supporting the investigation of digital criminal activities (invited talk). SERF@ESEC/SIGSOFT FSE 2017: 1 - [e8]Michaela Huhn, Laurie A. Williams:
Software Engineering in Health Care - 4th International Symposium, FHIES 2014, and 6th International Workshop, SEHC 2014, Washington, DC, USA, July 17-18, 2014, Revised Selected Papers. Lecture Notes in Computer Science 9062, Springer 2017, ISBN 978-3-319-63193-6 [contents] - 2016
- [j45]Hanan Hibshi, Travis D. Breaux, Maria Riaz, Laurie A. Williams:
A grounded analysis of experts' decision-making during security assessments. J. Cybersecur. 2(2): 147-163 (2016) - [c148]Maria Riaz, Jonathan Stallings, Munindar P. Singh, John Slankas, Laurie A. Williams:
DIGS: A Framework for Discovering Goals for Security Requirements Engineering. ESEM 2016: 35:1-35:10 - [c147]Jeffrey C. Carver, Morgan Burcham, Sedef Akinli Koçak, Ayse Bener, Michael Felderer, Matthias Gander, Jason King, Jouni Markkula, Markku Oivo, Clemens Sauerwein, Laurie A. Williams:
Establishing a baseline for measuring advancement in the science of security: an analysis of the 2015 IEEE security & privacy proceedings. HotSoS 2016: 38-51 - [c146]Özgür Kafali, Munindar P. Singh, Laurie A. Williams:
Toward a normative approach for forensicability. HotSoS 2016: 65-67 - [c145]Akond Ashfaque Ur Rahman, Laurie A. Williams:
Security practices in DevOps. HotSoS 2016: 109-111 - [c144]Christopher Theisen, Laurie A. Williams:
Risk-based attack surface approximation: poster. HotSoS 2016: 121-123 - [c143]Tony Savor, Mitchell Douglas, Michael Gentili, Laurie A. Williams, Kent L. Beck, Michael Stumm:
Continuous deployment at Facebook and OANDA. ICSE (Companion Volume) 2016: 21-30 - [c142]Akond Ashfaque Ur Rahman, Laurie A. Williams:
Software security in DevOps: synthesizing practitioners' perceptions and practices. CSED@ICSE 2016: 70-76 - [c141]Christopher Theisen, Laurie A. Williams, Kevin M. Oliver, Emerson R. Murphy-Hill:
Software security education at scale. ICSE (Companion Volume) 2016: 346-355 - [c140]Rahul Pandita, Kunal Taneja, Laurie A. Williams, Teresa Tung:
ICON: Inferring Temporal Constraints from Natural Language API Descriptions. ICSME 2016: 378-388 - [c139]Maria Riaz, Sarah Elder, Laurie A. Williams:
Systematically Developing Prevention, Detection, and Response Patterns for Security Requirements. RE Workshops 2016: 62-67 - [c138]Özgür Kafali, Munindar P. Singh, Laurie A. Williams:
NANE: Identifying Misuse Cases Using Temporal Norm Enactments. RE 2016: 136-145 - [p4]Christopher Theisen, Laurie A. Williams:
Stack traces reveal attack surfaces. Perspectives on Data Science for Software Engineering 2016: 73-76 - [e7]Tim Menzies, Laurie A. Williams, Thomas Zimmermann:
Perspectives on Data Science for Software Engineering. Academic Press 2016, ISBN 978-0-12-804206-9 [contents] - [e6]Laura K. Dillon, Willem Visser, Laurie A. Williams:
Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, May 14-22, 2016. ACM 2016, ISBN 978-1-4503-3900-1 [contents] - [e5]Laura K. Dillon, Willem Visser, Laurie A. Williams:
Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, May 14-22, 2016 - Companion Volume. ACM 2016, ISBN 978-1-4503-4205-6 [contents] - 2015
- [j44]Maria Riaz, Travis D. Breaux, Laurie A. Williams:
How have we evaluated software pattern application? A systematic mapping study of research design practices. Inf. Softw. Technol. 65: 14-38 (2015) - [c137]Akond Ashfaque Ur Rahman, Eric Helms, Laurie A. Williams, Chris Parnin:
Synthesizing Continuous Deployment Practices Used in Software Development. AGILE 2015: 1-10 - [c136]Patrick Morrison, Kim Herzig, Brendan Murphy, Laurie A. Williams:
Challenges with applying vulnerability prediction models. HotSoS 2015: 4:1-4:9 - [c135]Jason King, Rahul Pandita, Laurie A. Williams:
Enabling forensics by proposing heuristics to identify mandatory log events. HotSoS 2015: 6:1-6:11 - [c134]Christopher Theisen, Kim Herzig, Patrick Morrison, Brendan Murphy, Laurie A. Williams:
Approximating Attack Surfaces with Stack Traces. ICSE (2) 2015: 199-208 - [c133]Rahul Pandita, Raoul Praful Jetley, Sithu D. Sudarsan, Laurie A. Williams:
Discovering likely mappings between APIs using text mining. SCAM 2015: 231-240 - [p3]Brendan Murphy, Jacek Czerwonka, Laurie A. Williams:
Using Data to Make Decisions in Software Engineering. The Art and Science of Analyzing Software Data 2015: 349-375 - 2014
- [j43]Hema Srikanth, Sean Banerjee, Laurie A. Williams, Jason A. Osborne:
Towards the prioritization of system test cases. Softw. Test. Verification Reliab. 24(4): 320-337 (2014) - [c132]John Slankas, Xusheng Xiao, Laurie A. Williams, Tao Xie:
Relation extraction for inferring access control rules from natural language artifacts. ACSAC 2014: 366-375 - [c131]Maria Riaz, John Slankas, Jason Tyler King, Laurie A. Williams:
Using templates to elicit implied security requirements from functional requirements - a controlled experiment. ESEM 2014: 22:1-22:10 - [c130]Jason Tyler King, Laurie A. Williams:
Log your CRUD: design principles for software logging mechanisms. HotSoS 2014: 5 - [c129]JeeHyun Hwang, Laurie A. Williams, Mladen A. Vouk:
Access control policy evolution: an empirical study. HotSoS 2014: 28 - [c128]Shweta Subramani, Mladen A. Vouk, Laurie A. Williams:
An analysis of Fedora security profile. HotSoS 2014: 35 - [c127]JeeHyun Hwang, Da Young Lee, Laurie A. Williams, Mladen A. Vouk:
Access Control Policy Evolution: An Empirical Study. ISSRE 2014: 245-254 - [c126]Hanan Hibshi, Travis D. Breaux, Maria Riaz, Laurie A. Williams:
Towards a framework to measure security expertise in requirements analysis. ESPRE 2014: 13-18 - [c125]Maria Riaz, Jason Tyler King, John Slankas, Laurie A. Williams:
Hidden in plain sight: Automatically identifying security requirements from natural language artifacts. RE 2014: 183-192 - [c124]Anthony Thyron Rivers, Mladen A. Vouk, Laurie A. Williams:
On Coverage-Based Attack Profiles. SERE (Companion) 2014: 5-6 - [c123]Maureen Doyle, Laurie A. Williams, Mike Cohn, Kenneth S. Rubin:
Agile Software Development in Practice. XP 2014: 32-45 - [e4]Laurie A. Williams, David M. Nicol, Munindar P. Singh:
Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, HotSoS 2014, Raleigh, NC, USA, April 08 - 09, 2014. ACM 2014, ISBN 978-1-4503-2907-1 [contents] - [i1]Harald C. Gall, Tim Menzies, Laurie A. Williams, Thomas Zimmermann:
Software Development Analytics (Dagstuhl Seminar 14261). Dagstuhl Reports 4(6): 64-83 (2014) - 2013
- [j42]Yonghee Shin, Laurie A. Williams:
Can traditional fault prediction models be used for vulnerability prediction? Empir. Softw. Eng. 18(1): 25-59 (2013) - [j41]Andrew Austin, Casper Holmgreen, Laurie A. Williams:
A comparison of the efficiency and effectiveness of vulnerability discovery techniques. Inf. Softw. Technol. 55(7): 1279-1288 (2013) - [c122]Patrick Morrison, Casper Holmgreen, Aaron Massey, Laurie A. Williams:
Proposing Regulatory-Driven Automated Test Suites. AGILE 2013: 11-21 - [c121]Brendan Murphy, Christian Bird, Thomas Zimmermann, Laurie A. Williams, Nachiappan Nagappan, Andrew Begel:
Have Agile Techniques been the Silver Bullet for Software Development at Microsoft? ESEM 2013: 75-84 - [c120]Patrick Morrison, Casper Holmgreen, Aaron Massey, Laurie A. Williams:
Proposing regulatory-driven automated test suites for electronic health record systems. SEHC@ICSE 2013: 46-49 - [c119]Patrick Francis, Laurie A. Williams:
Determining "Grim Reaper" Policies to Prevent Languishing Bugs. ICSM 2013: 436-439 - [c118]Shweta Subramani, Mladen A. Vouk, Laurie A. Williams:
Non-operational testing of software for security issues. ISSRE (Supplemental Proceedings) 2013: 21-22 - [c117]Da Young Lee, Mladen A. Vouk, Laurie A. Williams:
Using software reliability models for security assessment - Verification of assumptions. ISSRE (Supplemental Proceedings) 2013: 23-24 - [c116]Brendan Murphy, Laurie A. Williams:
To branch or not to branch that is the question. ISSRE (Supplemental Proceedings) 2013: 55 - [c115]Kumi Jinzenji, Takashi Hoshino, Laurie A. Williams, Kenji Takahashi:
An experience report for software quality evaluation in highly iterative development methodology using traditional metrics. ISSRE 2013: 310-319 - [c114]Sarah Smith Heckman, Laurie A. Williams:
A comparative evaluation of static analysis actionable alert identification techniques. PROMISE 2013: 4:1-4:10 - [c113]John Slankas, Laurie A. Williams:
Access Control Policy Extraction from Unconstrained Natural Language Text. SocialCom 2013: 435-440 - [c112]Jason Tyler King, Laurie A. Williams:
Cataloging and Comparing Logging Mechanism Specifications for Electronic Health Record Systems. HealthTech 2013 - 2012
- [j40]Laurie A. Williams:
What agile teams think of agile principles. Commun. ACM 55(4): 71-76 (2012) - [j39]Jason Tyler King, Ben H. Smith, Laurie A. Williams:
Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse. Int. J. Comput. Model. Algorithms Medicine 3(2): 23-42 (2012) - [j38]Andrew Meneely, Ben H. Smith, Laurie A. Williams:
Validating software metrics: A spectrum of philosophies. ACM Trans. Softw. Eng. Methodol. 21(4): 24:1-24:28 (2012) - [c111]Jason Tyler King, Ben H. Smith, Laurie A. Williams:
Modifying without a trace: general audit guidelines are inadequate for open-source electronic health record audit mechanisms. IHI 2012: 305-314 - [c110]Kumi Jinzenji, Takashi Hoshino, Laurie A. Williams, Kenji Takahashi:
Metric-Based Quality Evaluations for Iterative Software Development Approaches Like Agile. ISSRE Workshops 2012: 54-63 - [c109]John Slankas, Laurie A. Williams:
Classifying Natural Language Sentences for Policy. POLICY 2012: 33-36 - [c108]Maria Riaz, Laurie A. Williams:
Security requirements patterns: understanding the science behind the art of pattern writing. RePa 2012: 29-34 - [c107]Ben H. Smith, Laurie A. Williams:
On the Effective Use of Security Test Patterns. SERE 2012: 108-117 - [c106]Jason Tyler King, Laurie A. Williams:
Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry. HealthSec 2012 - [c105]Patrick Morrison, Laurie A. Williams:
An Analysis of HIPAA Breach Data. HealthSec 2012 - 2011
- [j37]Sarah Smith Heckman, Laurie A. Williams:
A systematic literature review of actionable alert identification techniques for automated static code analysis. Inf. Softw. Technol. 53(4): 363-387 (2011) - [j36]Yonghee Shin, Andrew Meneely, Laurie A. Williams, Jason A. Osborne:
Evaluating Complexity, Code Churn, and Developer Activity Metrics as Indicators of Software Vulnerabilities. IEEE Trans. Software Eng. 37(6): 772-787 (2011) - [c104]Andrew Austin, Laurie A. Williams:
One Technique is Not Enough: A Comparison of Vulnerability Discovery Techniques. ESEM 2011: 97-106 - [c103]Laurie A. Williams, Gabe Brown, Adam Meltzer, Nachiappan Nagappan:
Scrum + Engineering Practices: Experiences of Three Microsoft Teams. ESEM 2011: 463-471 - [c102]Yonghee Shin, Laurie A. Williams:
An initial study on the use of execution complexity metrics as indicators of software vulnerabilities. SESS@ICSE 2011: 1-7 - [c101]Eric Helms, Laurie A. Williams:
Evaluating access control of open source electronic health record systems. SEHC@ICSE 2011: 63-70 - [c100]Andrew Meneely, Laurie A. Williams:
Socio-technical developer networks: should we trust our measurements? ICSE 2011: 281-290 - [c99]Ben H. Smith, Laurie A. Williams:
Using SQL Hotspots in a Prioritization Heuristic for Detecting All Types of Web Application Vulnerabilities. ICST 2011: 220-229 - [c98]Thomas Zimmermann, Nachiappan Nagappan, Kim Herzig, Rahul Premraj, Laurie A. Williams:
An Empirical Study on the Relation between Dependency Neighborhoods and Failures. ICST 2011: 347-356 - [c97]Laurie A. Williams:
Seven habits of highly impactful empirical software engineers. PROMISE 2011: 1 - [c96]Jessica Young Schmidt, Annie I. Antón, Laurie A. Williams, Paul N. Otto:
The role of data use agreements in specifying legally compliant software requirements. RELAW 2011: 1-4 - [c95]Andrew Meneely, Pete Rotella, Laurie A. Williams:
Does adding manpower also affect quality?: an empirical, longitudinal analysis. SIGSOFT FSE 2011: 81-90 - [p2]Laurie A. Williams:
Pair Programming. Making Software 2011: 311-328 - [e3]James Walden, Laurie A. Williams:
Third International Workshop on Security Measurements and Metrics, Metrisec@ESEM 2011, Banff, Alberta, Canada, September 21, 2011. IEEE 2011, ISBN 978-1-4673-1245-5 [contents] - 2010
- [j35]Laurie A. Williams:
Agile Software Development Methodologies and Practices. Adv. Comput. 80: 1-44 (2010) - [j34]Andrew Meneely, Laurie A. Williams:
On the Use of Issue Tracking Annotations for Improving Developer Activity Metrics. Adv. Softw. Eng. 2010: 273080:1-273080:9 (2010) - [j33]Laurie A. Williams:
Guest editorial: Special issue on software reliability engineering. Empir. Softw. Eng. 15(4): 321-322 (2010) - [j32]Laurie A. Williams, Andrew Meneely, Grant Shipley:
Protection Poker: The New Software Security "Game";. IEEE Secur. Priv. 8(3): 14-20 (2010) - [c94]Laurie A. Williams, Kenny Rubin, Mike Cohn:
Driving Process Improvement via Comparative Agility Assessment. AGILE 2010: 3-10 - [c93]Andrew Meneely, Laurie A. Williams:
Strengthening the empirical analysis of the relationship between Linus' Law and software security. ESEM 2010 - [c92]Ben H. Smith, Laurie A. Williams, Andrew Austin:
Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks. ESSoS 2010: 192-200 - [c91]Andrew Austin, Ben H. Smith, Laurie A. Williams:
Towards improved security criteria for certification of electronic health record systems. SEHC@ICSE 2010: 68-73 - [c90]Andrew Meneely, Mackenzie Corcoran, Laurie A. Williams:
Improving developer activity metrics with issue tracking annotations. WETSoM 2010: 75-80 - [c89]Raza Abbas Syed, Brian Robinson, Laurie A. Williams:
Does Hardware Configuration and Processor Load Impact Software Fault Observability? ICST 2010: 285-294 - [c88]Thomas Zimmermann, Nachiappan Nagappan, Laurie A. Williams:
Searching for a Needle in a Haystack: Predicting Security Vulnerabilities for Windows Vista. ICST 2010: 421-428 - [r2]Laurie A. Williams:
Pair Programming. Encyclopedia of Software Engineering 2010: 651-659
2000 – 2009
- 2009
- [j31]Ben H. Smith, Laurie A. Williams:
On guiding the augmentation of an automated test suite via mutation analysis. Empir. Softw. Eng. 14(3): 341-369 (2009) - [j30]Stephen Thomas, Laurie A. Williams, Tao Xie:
On automated prepared statement generation to remove SQL injection vulnerabilities. Inf. Softw. Technol. 51(3): 589-598 (2009) - [j29]Ben H. Smith, Laurie A. Williams:
Should software testers use mutation analysis to augment a test set? J. Syst. Softw. 82(11): 1819-1832 (2009) - [j28]William Everett, James J. Cusick, Laurie A. Williams:
John D. Musa. IEEE Softw. 26(5): 102 (2009) - [c87]Andrew Meneely, Laurie A. Williams:
Secure open source collaboration: an empirical study of linus' law. CCS 2009: 453-462 - [c86]Laurie A. Williams, Michael Gegick, Andrew Meneely:
Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer. ESSoS 2009: 122-134 - [c85]Michael Gegick, Pete Rotella, Laurie A. Williams:
Toward Non-security Failures as a Predictor of Security Faults and Failures. ESSoS 2009: 135-149 - [c84]Sarah Smith Heckman, Laurie A. Williams:
A Model Building Process for Identifying Actionable Static Analysis Alerts. ICST 2009: 161-170 - [c83]Michael Gegick, Pete Rotella, Laurie A. Williams:
Predicting Attack-prone Components. ICST 2009: 181-190 - [c82]Laurie A. Williams, Gunnar Kudrjavets, Nachiappan Nagappan:
On the Effectiveness of Unit Test Automation at Microsoft. ISSRE 2009: 81-89 - [c81]Andrew Meneely, Laurie A. Williams:
On preparing students for distributed software development with a synchronous, collaborative development platform. SIGCSE 2009: 529-533 - 2008
- [j27]Nachiappan Nagappan, E. Michael Maximilien, Thirumalesh Bhat, Laurie A. Williams:
Realizing quality improvement through test driven development: results and experiences of four industrial teams. Empir. Softw. Eng. 13(3): 289-302 (2008) - [c80]Laurie A. Williams, D. Scott McCrickard, Lucas Layman, Khaled Hussein:
Eleven Guidelines for Implementing Pair Programming in the Classroom. AGILE 2008: 445-452 - [c79]Michael Gegick, Laurie A. Williams, Jason A. Osborne, Mladen A. Vouk:
Prioritizing software security fortification throughcode-level metrics. QoP 2008: 31-38 - [c78]Yonghee Shin, Laurie A. Williams:
Is complexity really the enemy of software security? QoP 2008: 47-50 - [c77]Sarah Smith Heckman, Laurie A. Williams:
On establishing a benchmark for evaluating static analysis alert prioritization and classification techniques. ESEM 2008: 41-50 - [c76]Yonghee Shin, Laurie A. Williams:
An empirical model to predict security vulnerabilities using code complexity metrics. ESEM 2008: 315-317 - [c75]Ben H. Smith, Yonghee Shin, Laurie A. Williams:
Proposing SQL statement coverage metrics. SESS 2008: 49-56 - [c74]Lucas Layman, Laurie A. Williams, Robert St. Amant:
MimEc: intelligent user notification of faults in the eclipse IDE. CHASE 2008: 73-76 - [c73]Mark Sherriff, Laurie A. Williams:
Empirical Software Change Impact Analysis using Singular Value Decomposition. ICST 2008: 268-277 - [c72]Michael Gegick, Laurie A. Williams:
Ranking Attack-Prone Components with a Predictive Model. ISSRE 2008: 315-316 - [c71]Andrew Meneely, Laurie A. Williams, Edward F. Gehringer:
ROSE: a repository of education-friendly open-source projects. ITiCSE 2008: 7-11 - [c70]Steven Fraser, Djenana Campara, Robert Gleichauf, Harriet Pearson, Peter P. Swire, Laurie A. Williams:
Privacy and security: what are you doing to keep the community safe? OOPSLA Companion 2008: 801-804 - [c69]Chih-Wei Ho, Laurie A. Williams, Brian Robinson:
Examining the Relationships between Performance Requirements and "Not a Problem" Defect Reports. RE 2008: 135-144 - [c68]Andrew Meneely, Laurie A. Williams, Will Snipes, Jason A. Osborne:
Predicting failures with developer networks and social network analysis. SIGSOFT FSE 2008: 13-23 - [p1]Laurie A. Williams, Mladen A. Vouk:
Agile Software Development. Wiley Encyclopedia of Computer Science and Engineering 2008 - [e2]Hossein Saiedian, Laurie A. Williams:
Proceedings 21st Conference on Software Engineering Education and Training, CSEET 2008, 14-17 April 2008, Charleston, South Carolina, USA. IEEE Computer Society 2008, ISBN 978-0-7695-3144-1 [contents] - 2007
- [j26]Michael Gegick, Laurie A. Williams:
On the design of more secure software-intensive systems by use of attack patterns. Inf. Softw. Technol. 49(4): 381-397 (2007) - [j25]Laurie A. Williams:
Lessons learned from seven years of pair programming at North Carolina State University. ACM SIGCSE Bull. 39(4): 79-83 (2007) - [j24]Michael J. Johnson, Chih-Wei Ho, E. Michael Maximilien, Laurie A. Williams:
Incorporating Performance Testing in Test-Driven Development. IEEE Softw. 24(3): 67-73 (2007) - [c67]Julio Cesar Sanchez, Laurie A. Williams, E. Michael Maximilien:
On the Sustained Use of a Test-Driven Development Practice at IBM. AGILE 2007: 5-14 - [c66]Mark Sherriff, Sarah Smith Heckman, Mike Lake, Laurie A. Williams:
Identifying fault-prone files using static analysis alerts through singular value decomposition. CASCON 2007: 276-279 - [c65]Laurie A. Williams, Lucas Layman:
Lab Partners: If They're Good Enough for the Natural Sciences, Why Aren't They Good Enough for Us? CSEE&T 2007: 72-82 - [c64]Lucas Layman, Laurie A. Williams, Robert St. Amant:
Toward Reducing Fault Fix Time: Understanding Developer Behavior for the Design of Automated Fault Detection Tools. ESEM 2007: 176-185 - [c63]Stephen Thomas, Laurie A. Williams:
Using Automated Fix Generation to Secure SQL Statements. SESS@ICSE 2007: 9 - [c62]Laurie A. Williams, Lucas Layman, Kelli M. Slaten, Sarah B. Berenson, Carolyn B. Seaman:
On the Impact of a Collaborative Pedagogy on African American Millennial Students in Software Engineering. ICSE 2007: 677-687 - [c61]Mark Sherriff, Mike Lake, Laurie A. Williams:
Prioritization of Regression Tests using Singular Value Decomposition with Empirical Change Records. ISSRE 2007: 81-90 - [c60]Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk, Jason A. Osborne:
Using In-Process Testing Metrics to Estimate Post-Release Field Quality. ISSRE 2007: 209-214 - [c59]Jiang Zheng, Laurie A. Williams, Brian Robinson:
Pallino: automation to support regression test selection for cots-based applications. ASE 2007: 224-233 - [c58]Chih-Wei Ho, Laurie A. Williams, Annie I. Antón:
Improving Performance Requirements Specifications from Field Failure Reports. RE 2007: 79-88 - [c57]Lucas Layman, Laurie A. Williams, Kelli M. Slaten:
Note to self: make assignments meaningful. SIGCSE 2007: 459-463 - [c56]Mark Sherriff, Sarah Smith Heckman, J. Michael Lake, Laurie A. Williams:
Using groupings of static analysis alerts to identify files likely to contain field failures. ESEC/SIGSOFT FSE 2007: 565-568 - [c55]Chih-Wei Ho, Laurie A. Williams:
Developing software performance with the performance refinement and evolution model. WOSP 2007: 133-136 - 2006
- [j23]Laurie A. Williams:
Debunking the Nerd Stereotype with Pair Programming. Computer 39(5): 83-85 (2006) - [j22]Lucas Layman, Laurie A. Williams, Daniela E. Damian, Hynek Bures:
Essential communication practices for Extreme Programming in a global software development team. Inf. Softw. Technol. 48(9): 781-794 (2006) - [j21]Lucas Layman, Laurie A. Williams, Lynn Cunningham:
Motivations and measurements in an agile case study. J. Syst. Archit. 52(11): 654-667 (2006) - [j20]Mario Garzia, John P. Hudepohl, Will Snipes, Michael R. Lyu, John D. Musa, Carol S. Smidts, Laurie A. Williams:
How should software reliability engineering (SRE) be taught? ACM SIGSOFT Softw. Eng. Notes 31(4): 1-5 (2006) - [j19]Jiang Zheng, Laurie A. Williams, Nachiappan Nagappan, Will Snipes, John P. Hudepohl, Mladen A. Vouk:
On the Value of Static Analysis for Fault Detection in Software. IEEE Trans. Software Eng. 32(4): 240-253 (2006) - [c54]Chih-Wei Ho, Michael J. Johnson, Laurie A. Williams, E. Michael Maximilien:
On Agile Performance Requirements Specification and Testing. AGILE 2006: 47-52 - [c53]Laurie A. Williams, Lucas Layman, Jason A. Osborne, Neha Katira:
Examining the Compatibility of Student Pair Programmers. AGILE 2006: 411-420 - [c52]Laurie A. Williams:
Structuring Families of Industrial Case Studies. Empirical Software Engineering Issues 2006: 134 - [c51]Lutz Prechelt, Laurie A. Williams:
Industry-Research Collaboration Working Group Results . Empirical Software Engineering Issues 2006: 153-157 - [c50]Laurie A. Williams, Hakan Erdogmus, Richard W. Selby:
Roadmapping Working Group 4 Results. Empirical Software Engineering Issues 2006: 181-183 - [c49]Jiang Zheng, Brian Robinson, Laurie A. Williams, Karen Smiley:
A Lightweight Process for Change Identification and Regression Test Selection in Using COTS Components. ICCBSS 2006: 137-143 - [c48]Jiang Zheng, Brian Robinson, Laurie A. Williams, Karen Smiley:
Applying regression test selection for COTS-based applications. ICSE 2006: 512-522 - [c47]Mark Sherriff, Laurie A. Williams:
DevCOP: A Software Certificate Management System for Eclipse. ISSRE 2006: 375-384 - [c46]Lucas Layman, Travis Cornwell, Laurie A. Williams:
Personality types, learning styles, and an agile approach to software engineering education. SIGCSE 2006: 428-432 - 2005
- [j18]Michael Gegick, Laurie A. Williams:
Matching attack patterns to security vulnerabilities in software-intensive system designs. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-7 (2005) - [j17]Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk, Jason A. Osborne:
Early estimation of software quality using in-process testing metrics: a controlled case study. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-7 (2005) - [j16]Mark Sherriff, Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk:
Early estimation of defect density using an in-process Haskell metrics model. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-6 (2005) - [j15]Hema Srikanth, Laurie A. Williams:
On the economics of requirements-based test case prioritization. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-3 (2005) - [j14]Laurie A. Williams, Lucas Layman, Pekka Abrahamsson:
On establishing the essential components of a technology-dependent framework: a strawman framework for industrial case study-based research. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-5 (2005) - [j13]Jiang Zheng, Brian Robinson, Laurie A. Williams, Karen Smiley:
A process for identifying changes when source code is not available. ACM SIGSOFT Softw. Eng. Notes 30(4): 1-4 (2005) - [c45]Kelli M. Slaten, Sarah B. Berenson, Laurie A. Williams, Lucas Layman, Maria A. Droujkova:
Undergraduate Student Perceptions of Pair Programming and Agile Software Methodologies: Verifying a Model of Social Interaction. AGILE 2005: 323-330 - [c44]Mark Sherriff, Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk:
Early estimation of defect density using an in-process Haskell metrics model. A-MOST 2005 - [c43]Michael Rappa, Sarah E. Smith, Alex Yacoub, Laurie A. Williams:
OpenSeminar: Web-based Collaboration Tool for Open Educational Resources. CollaborateCom 2005 - [c42]Laurie A. Williams:
Debunking the Geek Stereotype with Software Engineering Education. CSEE&T 2005: 4 - [c41]Laurie A. Williams, Sarah E. Smith, Michael Rappa:
Resources for Agile Software Development in the Software Engineering Course. CSEE&T 2005: 236-238 - [c40]Michael Gegick, Laurie A. Williams:
Matching attack patterns to security vulnerabilities in software-intensive system designs. SESS@ICSE 2005: 1-7 - [c39]Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk, Jason A. Osborne:
Early estimation of software quality using in-process testing metrics: a controlled case study. WoSQ@ICSE 2005: 46-52 - [c38]Neha Katira, Laurie A. Williams, Jason A. Osborne:
Towards increasing the compatibility of student pair programmers. ICSE 2005: 625-626 - [c37]Balasubramaniam Ramesh, Pekka Abrahamsson, Alistair Cockburn, Kalle Lyytinen, Laurie A. Williams:
Agile Software Development Methods: When and Why Do They Work? Business Agility and Information Technology Diffusion 2005: 371-373 - [c36]Hema Srikanth, Laurie A. Williams, Jason A. Osborne:
System test case prioritization of new and regression test cases. ISESE 2005: 64-73 - [c35]John D. Musa, Laurie A. Williams:
How Should Software Reliability Engineering Be Taught? ISSRE 2005: 3 - [c34]Laurie A. Williams:
Teaching an Active-Participation University Course in Software Reliability and Testing. ISSRE 2005: 5 - [c33]Nachiappan Nagappan, Laurie A. Williams, Jason A. Osborne, Mladen A. Vouk, Pekka Abrahamsson:
Providing Test Quality Feedback Using Static Source Code and Automatic Test Suite Metrics. ISSRE 2005: 85-94 - [c32]Jiang Zheng, Brian Robinson, Laurie A. Williams, Karen Smiley:
An Initial Study of a Lightweight Process for Change Identification and Regression Test Selection When Source Code Is Not Available. ISSRE 2005: 225-234 - 2004
- [j12]Boby George, Laurie A. Williams:
A structured experiment of test-driven development. Inf. Softw. Technol. 46(5): 337-342 (2004) - [j11]Sarah B. Berenson, Kelli M. Slaten, Laurie A. Williams, Chih-Wei Ho:
Voices of women in a software engineering course: reflections on collaboration. ACM J. Educ. Resour. Comput. 4(1): 3 (2004) - [j10]Laurie A. Williams:
On the need for a process for making reliable quality comparisons with industrial data. ACM SIGSOFT Softw. Eng. Notes 29(5): 1-4 (2004) - [c31]Laurie A. Williams, Anuja Shukla, Annie I. Antón:
An Initial Exploration of the Relationship Between Pair Programming and Brooks' Law. Agile Development Conference 2004: 11-20 - [c30]Lucas Layman, Laurie A. Williams, Lynn Cunningham:
Exploring Extreme Programming in Context: An Industrial Case Study. Agile Development Conference 2004: 32-41 - [c29]Hema Srikanth, Laurie A. Williams, Eric N. Wiebe, Carol Miller, Suzanne Balik:
On Pair Rotation in the Computer Science Course. CSEE&T 2004: 144-149 - [c28]Chih-Wei Ho, Somik Raha, Edward F. Gehringer, Laurie A. Williams:
Sangam: a distributed pair programming plug-in for Eclipse. eTX 2004: 73-77 - [c27]Aldo Dagnino, Karen Smiley, Hema Srikanth, Annie I. Antón, Laurie A. Williams:
Experiences in applying agile software development practices in new product development. IASTED Conf. on Software Engineering and Applications 2004: 501-506 - [c26]Martin Davidsson, Jiang Zheng, Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk:
GERT: An Empirical Reliability Estimation and Testing Feedback Tool. ISSRE 2004: 269-280 - [c25]Nachiappan Nagappan, Laurie A. Williams, John P. Hudepohl, Will Snipes, Mladen A. Vouk:
Preliminary Results On Using Static Analysis Tools For Software Inspection. ISSRE 2004: 429-439 - [c24]Neha Katira, Laurie A. Williams, Eric N. Wiebe, Carol Miller, Suzanne Balik, Edward F. Gehringer:
On understanding compatibility of student pair programmers. SIGCSE 2004: 7-11 - [c23]Joe Bergin, James Caristi, Yael Dubinsky, Orit Hazzan, Laurie A. Williams:
Teaching software development methods: the case of extreme programming. SIGCSE 2004: 448-449 - [r1]Laurie A. Williams:
Software Engineering for Internet Applications. The Practical Handbook of Internet Computing 2004 - 2003
- [b1]Laurie A. Williams, Robert R. Kessler:
Pair Programming Illuminated. Addison Wesley 2003, ISBN 978-0-201-74576-4, pp. I-XXI, 1-265 - [j9]Laurie A. Williams, Alistair Cockburn:
Guest Editors' Introduction: Agile Software Development: It's about Feedback and Change. Computer 36(6): 39-43 (2003) - [j8]Laurie A. Williams:
Guest Editor's Introduction: The XP Programmer-The Few-Minutes Programmer. IEEE Softw. 20(3): 16-20 (2003) - [c22]E. Michael Maximilien, Laurie A. Williams:
Assessing Test-Driven Development at IBM. ICSE 2003: 564-569 - [c21]Laurie A. Williams, Charlie McDowell, Nachiappan Nagappan, Julian Fernald, Linda L. Werner:
Building Pair Programming Knowledge through a Family of Experiments. ISESE 2003: 143-153 - [c20]Laurie A. Williams, E. Michael Maximilien, Mladen A. Vouk:
Test-Driven Development as a Defect-Reduction Practice. ISSRE 2003: 34-48 - [c19]Nachiappan Nagappan, Laurie A. Williams, Mladen A. Vouk:
"Good enough" software reliability estimation plug-in for Eclipse. eTX 2003: 30-34 - [c18]Boby George, Laurie A. Williams:
An Initial Investigation of Test Driven Development in Industry. SAC 2003: 1135-1139 - [c17]Prashant Baheti, Laurie A. Williams, Aldo Dagnino, Andrew Cordes:
On Identifying Deficiencies in a Knowledge Management System. SEKE 2003: 385-392 - [c16]Nachiappan Nagappan, Laurie A. Williams, Miriam Ferzli, Eric N. Wiebe, Kai Yang, Carol Miller, Suzanne Balik:
Improving the CS1 experience with pair programming. SIGCSE 2003: 359-362 - [c15]P. David Stotts, Laurie A. Williams, Nachiappan Nagappan, Prashant Baheti, Dennis Jen, Anne Jackson:
Virtual Teaming: Experiments and Experiences with Distributed Pair Programming. XP/Agile Universe 2003: 129-141 - [c14]Nachiappan Nagappan, Laurie A. Williams, Eric N. Wiebe, Carol Miller, Suzanne Balik, Miriam Ferzli, Julie Petlick:
Pair Learning: With an Eye Toward Future Success. XP/Agile Universe 2003: 185-198 - [c13]Grigori Melnik, Laurie A. Williams, Adam Geras:
International Workshop on Empirical Evaluation of Agile Methods ("The Data Workshop"). XP/Agile Universe 2003: 211 - 2002
- [j7]Laurie A. Williams, James E. Tomayko:
Agile Software Development. Comput. Sci. Educ. 12(3): 167-168 (2002) - [j6]Gregory W. Hislop, Michael J. Lutz, J. Fernando Naveda, W. Michael McCracken, Nancy R. Mead, Laurie A. Williams:
Integrating Agile Practices into Software Engineering Courses. Comput. Sci. Educ. 12(3): 169-185 (2002) - [j5]Laurie A. Williams, Eric N. Wiebe, Kai Yang, Miriam Ferzli, Carol Miller:
In Support of Pair Programming in the Introductory Computer Science Course. Comput. Sci. Educ. 12(3): 197-212 (2002) - [j4]Jürgen Börstler, David A. Carrington, Gregory W. Hislop, Susan K. Lisack, Keith Olson, Laurie A. Williams:
Teaching the PSP: Challenges and Lessons Learned. IEEE Softw. 19(5): 42-48 (2002) - [c12]Anuja Shukla, Laurie A. Williams:
Adapting Extreme Programming for a Core Software Engineering Course. CSEE&T 2002: 184-191 - [c11]Laurie A. Williams, Michael J. Lutz, Gregory W. Hislop, Michael McCracken, Nancy R. Mead, J. Fernando Naveda:
Workshop 3: Integrating Agile Practices into Software Engineering Courses. CSEE&T 2002: 263-264 - [c10]Mikael Lindvall, Victor R. Basili, Barry W. Boehm, Patricia Costa, Kathleen Coleman Dangle, Forrest Shull, Roseanne Tesoriero Tvedt, Laurie A. Williams, Marvin V. Zelkowitz:
Empirical Findings in Agile Methods. XP/Agile Universe 2002: 197-207 - [c9]Laurie A. Williams, Robert R. Kessler:
Pair Programming: Experience the Difference. XP/Agile Universe 2002: 271-272 - [c8]P. David Stotts, Laurie A. Williams:
Distributed Pair Programming. XP/Agile Universe 2002: 283 - [c7]Grigori Melnik, Laurie A. Williams, Adam Geras:
Empirical Evaluation of Agile Processes. XP/Agile Universe 2002: 286 - [e1]Don Wells, Laurie A. Williams:
Extreme Programming and Agile Methods - XP/Agile Universe 2002, Second XP Universe and First Agile Universe Conference Chicago, IL, USA, August 4-7, 2002, Proceedings. Lecture Notes in Computer Science 2418, Springer 2002, ISBN 3-540-44024-0 [contents] - 2001
- [j3]Laurie A. Williams, Robert R. Kessler:
Experiments with Industry's "Pair-Programming" Model in the Computer Science Classroom. Comput. Sci. Educ. 11(1): 7-20 (2001) - [c6]Laurie A. Williams:
Integrating Pair Programming into a Software Development Process. CSEE&T 2001: 27- - [c5]Ryan A. Carter, Annie I. Antón, Laurie A. Williams, Aldo Dagnino:
Evolving Beyond Requirements Creep: A Risk-Based Evolutionary Prototyping Model. RE 2001: 94-101 - [c4]Laurie A. Williams, Richard L. Upchurch:
In support of student pair-programming. SIGCSE 2001: 327-331 - [c3]Carolee Stewart-Gardiner, David G. Kay, Joyce Currie Little, Joseph D. Chase, John Fendrich, Laurie A. Williams, Ursula Wolz:
Collaboration vs plagiarism in computer science programming courses. SIGCSE 2001: 406-407 - 2000
- [j2]Laurie A. Williams, Robert R. Kessler:
All I Really Need to Know About Pair Programming I Learned in Kindergarten. Commun. ACM 43(5): 108-114 (2000) - [j1]Laurie A. Williams, Robert R. Kessler, Ward Cunningham, Ron Jeffries:
Strengthening the Case for Pair Programming. IEEE Softw. 17(4): 19-25 (2000) - [c2]Laurie A. Williams, Robert R. Kessler:
The Effects of "Pair-Pressure" and "Pair-Learning" on Software Engineering Education. CSEE&T 2000: 59-65 - [c1]Steven Fraser, Kent L. Beck, Ward Cunningham, Ron Crocker, Martin Fowler, Linda Rising, Laurie A. Williams:
Hacker or hero? - extreme programming today (panel session). OOPSLA Addendum 2000: 5-7
Coauthor Index
aka: Patrick J. Morrison
aka: Akond Rahman
aka: Md. Rayhanur Rahman
aka: Benjamin H. Smith
manage site settings
To protect your privacy, all features that rely on external API calls from your browser are turned off by default. You need to opt-in for them to become active. All settings here will be stored as cookies with your web browser. For more information see our F.A.Q.
Unpaywalled article links
Add open access links from to the list of external document links (if available).
Privacy notice: By enabling the option above, your browser will contact the API of unpaywall.org to load hyperlinks to open access articles. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Unpaywall privacy policy.
Archived links via Wayback Machine
For web page which are no longer available, try to retrieve content from the of the Internet Archive (if available).
Privacy notice: By enabling the option above, your browser will contact the API of archive.org to check for archived content of web pages that are no longer available. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Internet Archive privacy policy.
Reference lists
Add a list of references from , , and to record detail pages.
load references from crossref.org and opencitations.net
Privacy notice: By enabling the option above, your browser will contact the APIs of crossref.org, opencitations.net, and semanticscholar.org to load article reference information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the Crossref privacy policy and the OpenCitations privacy policy, as well as the AI2 Privacy Policy covering Semantic Scholar.
Citation data
Add a list of citing articles from and to record detail pages.
load citations from opencitations.net
Privacy notice: By enabling the option above, your browser will contact the API of opencitations.net and semanticscholar.org to load citation information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the OpenCitations privacy policy as well as the AI2 Privacy Policy covering Semantic Scholar.
OpenAlex data
Load additional information about publications from .
Privacy notice: By enabling the option above, your browser will contact the API of openalex.org to load additional information. Although we do not have any reason to believe that your call will be tracked, we do not have any control over how the remote server uses your data. So please proceed with care and consider checking the information given by OpenAlex.
last updated on 2025-01-13 02:01 CET by the dblp team
all metadata released as open data under CC0 1.0 license
see also: Terms of Use | Privacy Policy | Imprint