“…Minh Le et al [14] analyse developers' Security Vulnerabilities (SVs) discussions on two major Q&A websites, SO and Security StackExchange (SSE). Using topic modeling, they examined 71,329 SV posts to identify 13 main discussion topics.…”
Section: Mining Software Issues Across Qanda Repositoriesmentioning
confidence: 99%
“…Method: Drawing from the work of [40,41,14], we utilized average values of (P1) views, (P2) score, (P3) favorite count, and (P4) comments to gauge the popularity of developers' topics. Concurrently, we computed three metrics-(D1) percentage of accepted answers, (D2) median duration (minutes) to receive an accepted answer since creation, and (D3) average percentage of answers to views-to assess topic difficulty.…”
Section: Research Questionsmentioning
confidence: 99%
“…Latent Dirichlet Allocation (LDA) [20] is among the most popular unsupervised topic modeling algorithms frequently employed to extract topics from text corpus [36]. It has been used in different other domains [45,46], such as continuous software engineering [12], Docker development [13], requirements engineering [47], and security vulnerability [14]. Following the work of Mansooreh et al [12], we define a question's title, body, and corresponding answers as one input document for the LDA model and output the number of frequently occurring topics identified in the text corpus.…”
Section: Topic Modellingmentioning
confidence: 99%
“…Recently, researchers have used supervised (deep & machine learning) and unsupervised learning (topic Modelling) techniques to analyze a wide range of software development-related issues encountered by developers on Q&A websites [11]. These studies have proposed automated methods to extract developers' discussion posts on various topics, such as challenges in continuous software engineering [12], identifying challenges in Docker development [13], security vulnerability [14], software bug detection [15], developers' communications and their implications [16], non-functional requirements [17], design patterns [18], and software maintenance and evolution [19]. Nonetheless, we have not found any research that specifically investigates developers' discussions on Q&A platforms with a focus on software development approaches.…”
Due to the consequences of global software development (GSD), the traditional approaches of software development evolved into lightweight agile methods. The agile methods got overwhelming response from software development companies due to their obvious support to GSD. In this regard, limited research work has been presented on software process evolution and process paradigm shift in context of GSD. Most of the work presented on GSD mainly focus on the companies in Europe, America, Australia and other western countries. Existing research work highlight the standard benefits and challenges of GSD but do not investigate its effect on software development processes and associated reasons causing the affect particularly in Malaysian software development companies. The research work presented in this paper addresses this issue and investigates the effects of GSD on software processes, software process evolution and paradigm shift and finds the current software processes being used in Malaysian companies. Also, it further determines the GSD factors and reasons behind the change and selection of a software development process. GSD factors affecting the software processes have been termed as challenges. Structured interviews have been conducted to collect qualitative data from industry professionals involved in GSD. General inductive approach has been used for qualitative data analysis and findings. The results show that after GSD, Malaysian companies are mostly following agile methods. The traditional and ad-hoc approaches used before GSD have been replaced by the lightweight agile methodologies. Few of the companies are still following ad-hoc approaches mainly due to size of the project and company as most of the Malaysian companies are small and medium size. The research is significant that it provides clear insight into software process paradigm in Malaysian companies. The outcome of the research provides foundations for the standardization of software processes, process improvement, selection and quality enhancement approaches in Malaysian companies.
“…Minh Le et al [14] analyse developers' Security Vulnerabilities (SVs) discussions on two major Q&A websites, SO and Security StackExchange (SSE). Using topic modeling, they examined 71,329 SV posts to identify 13 main discussion topics.…”
Section: Mining Software Issues Across Qanda Repositoriesmentioning
confidence: 99%
“…Method: Drawing from the work of [40,41,14], we utilized average values of (P1) views, (P2) score, (P3) favorite count, and (P4) comments to gauge the popularity of developers' topics. Concurrently, we computed three metrics-(D1) percentage of accepted answers, (D2) median duration (minutes) to receive an accepted answer since creation, and (D3) average percentage of answers to views-to assess topic difficulty.…”
Section: Research Questionsmentioning
confidence: 99%
“…Latent Dirichlet Allocation (LDA) [20] is among the most popular unsupervised topic modeling algorithms frequently employed to extract topics from text corpus [36]. It has been used in different other domains [45,46], such as continuous software engineering [12], Docker development [13], requirements engineering [47], and security vulnerability [14]. Following the work of Mansooreh et al [12], we define a question's title, body, and corresponding answers as one input document for the LDA model and output the number of frequently occurring topics identified in the text corpus.…”
Section: Topic Modellingmentioning
confidence: 99%
“…Recently, researchers have used supervised (deep & machine learning) and unsupervised learning (topic Modelling) techniques to analyze a wide range of software development-related issues encountered by developers on Q&A websites [11]. These studies have proposed automated methods to extract developers' discussion posts on various topics, such as challenges in continuous software engineering [12], identifying challenges in Docker development [13], security vulnerability [14], software bug detection [15], developers' communications and their implications [16], non-functional requirements [17], design patterns [18], and software maintenance and evolution [19]. Nonetheless, we have not found any research that specifically investigates developers' discussions on Q&A platforms with a focus on software development approaches.…”
Due to the consequences of global software development (GSD), the traditional approaches of software development evolved into lightweight agile methods. The agile methods got overwhelming response from software development companies due to their obvious support to GSD. In this regard, limited research work has been presented on software process evolution and process paradigm shift in context of GSD. Most of the work presented on GSD mainly focus on the companies in Europe, America, Australia and other western countries. Existing research work highlight the standard benefits and challenges of GSD but do not investigate its effect on software development processes and associated reasons causing the affect particularly in Malaysian software development companies. The research work presented in this paper addresses this issue and investigates the effects of GSD on software processes, software process evolution and paradigm shift and finds the current software processes being used in Malaysian companies. Also, it further determines the GSD factors and reasons behind the change and selection of a software development process. GSD factors affecting the software processes have been termed as challenges. Structured interviews have been conducted to collect qualitative data from industry professionals involved in GSD. General inductive approach has been used for qualitative data analysis and findings. The results show that after GSD, Malaysian companies are mostly following agile methods. The traditional and ad-hoc approaches used before GSD have been replaced by the lightweight agile methodologies. Few of the companies are still following ad-hoc approaches mainly due to size of the project and company as most of the Malaysian companies are small and medium size. The research is significant that it provides clear insight into software process paradigm in Malaysian companies. The outcome of the research provides foundations for the standardization of software processes, process improvement, selection and quality enhancement approaches in Malaysian companies.
“…Whilst some of our topics overlap with the existing security-related LDA research (Yang et al 2016;Zahedi et al 2018;Le et al 2020a), our overall taxonomy differs substantially as we avoid technology specific topics and ensure generalizability for comparison. Furthermore, due to the consideration of programming language our analyzed posts differ substantially.…”
Section: Topic Modelling Of Software Engineeringmentioning
Given programming languages can provide different types and levels of security support, it is critically important to consider security aspects while selecting programming languages for developing software systems. Inadequate consideration of security in the choice of a programming language may lead to potential ramifications for secure development. Whilst theoretical analysis of the supposed security properties of different programming languages has been conducted, there has been relatively little effort to empirically explore the actual security challenges experienced by developers. We have performed a large-scale study of the security challenges of 15 programming languages by quantitatively and qualitatively analysing the developers' discussions from Stack Overflow and GitHub. By leveraging topic modelling, we have derived a taxonomy of 18 major security challenges for 6 topic categories. We have also conducted comparative analysis to understand how the identified challenges vary regarding the different programming languages and data sources. Our findings suggest that the challenges and their characteristics differ substantially for different programming languages and data sources, i.e., Stack Overflow and GitHub. The findings provide evidence-based insights and understanding of security challenges related to different programming languages to software professionals (i.e., practitioners or researchers). The reported taxonomy of security challenges can assist both practitioners and researchers in better understanding and traversing the secure development landscape. This study highlights the importance of the choice of technology, e.g., programming language, in secure software engineering. Hence, the findings are expected to motivate practitioners to consider the potential impact of the choice of programming languages on software security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.