Identifying security vulnerabilities in software is a critical task that requires significant human effort. Currently, vulnerability discovery is often the responsibility of software testers before release and white-hat hackers (often within bug bounty programs) afterward. This arrangement can be ad-hoc and far from ideal; for example, if testers could identify more vulnerabilities, software would be more secure at release time. Thus far, however, the processes used by each group -and how they compare to and interact with each other -have not been well studied. This paper takes a first step toward better understanding, and eventually improving, this ecosystem: we report on a semi-structured interview study (n=25) with both testers and hackers, focusing on how each group finds vulnerabilities, how they develop their skills, and the challenges they face. The results suggest that hackers and testers follow similar processes, but get different results due largely to differing experiences and therefore different underlying knowledge of security concepts. Based on these results, we provide recommendations to support improved security training for testers, better communication between hackers and developers, and smarter bug bounty policies to motivate hacker participation.1 The way people think and the perspectives and previous experiences they bring to bear on a problem [24, pg. 40-65].
Density functional theory (DFT) was used to examine the mechanisms of hydrogen activation and spillover on anatase TiO 2 -supported Ag single-atom catalysts. Stable structures of Ag were proposed on the (001) facet, considered a more catalytically active surface, and ( 101), a more stable facet. Surface oxygen vacancies (O vac ) were more favorably formed in the presence of Ag single atoms, reducing the energy of O vac formation by 0.5 eV on (001) and 0.9 eV on (101). Ag single atoms adsorbed on TiO 2 ( 001) and ( 101) surfaces promote H 2 dissociative adsorption through a heterolytic mechanism, with an average activation barrier of 0.26 eV. Finally, reaction energies were calculated that corroborate experimental results of continuous hydrogen spillover from Ag to the TiO 2 support.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.