Existing studies on problem reports in open source projects focus primarily on the analysis of the general category of problem reports, or limit their attention to observations on the number of security problem reports. To evaluate the security of a project, it is necessary to know not only how many security problem reports are logged, but also how many are reported, how promptly they are corrected, and so on. In this paper, we study publicly disclosed security problem reports from eight releases of Fedora, nine releases of Ubuntu, four releases of Red Hat Enterprise Linux (RHEL) and two releases of SUSE Linux distributions. We analyse and discuss which types of problem reports are reported, how frequently they are reported, and how promptly they are corrected. Overall, Fedora and SUSE show good results, with high and medium severity security problem reports resolved without a backlog. RHEL and Ubuntu, on the other hand, show less positive results, with backlogs present.