Software Archeology @ RIT
Welcome to our blog! Here you will find news and updates from the various case studies we’re working on.
This year, we’re focusing in on two keys areas: code inspections and vulnerabilities. In particular, our main question is to ask: do code inspections truly prevent vulnerabilities, and if so, to what extent? Furthermore, what are the elements of a successful code inspection, from a socio-technical perspective? That is, how do collaboration and diversity of skillsets in developers coalesce into a good code inspection?
The case study we’ll be working is the Chromium browser. Chromium is the basis for Google Chrome, and has a massive code base with a large, active open source community. Historically, they have had a variety of vulnerabilities found and fixed. One distinguishing feature about this project, however, is that all source code changes must be inspected prior to being integrated into the system. These inspections are all logged, so this data is ripe for mining.
This project is sponsored by the Collaborative Research Experiences for Undergraduates, funded by the National Science Foundation.