{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T16:04:33Z","timestamp":1781193873579,"version":"3.54.1"},"publisher-location":"Cham","reference-count":65,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032280787","type":"print"},{"value":"9783032280794","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-28079-4_17","type":"book-chapter","created":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T15:33:54Z","timestamp":1781192034000},"page":"367-390","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Quantitative Symbolic Patch Impact Analysis"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4793-7859","authenticated-orcid":false,"given":"Laboni","family":"Sarker","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2053-7150","authenticated-orcid":false,"given":"Abdus","family":"Satter","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2993-1215","authenticated-orcid":false,"given":"Tevfik","family":"Bultan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,6,12]]},"reference":[{"key":"17_CR1","unstructured":"Ffmpeg. https:\/\/github.com\/FFmpeg\/FFmpeg.git. Accessed 10 Mar 2025"},{"key":"17_CR2","unstructured":"Linux. https:\/\/github.com\/torvalds\/linux.git. Accessed 10 Mar 2025"},{"key":"17_CR3","unstructured":"Qemu. https:\/\/github.com\/qemu\/qemu.git. Accessed 10 Mar 2025"},{"key":"17_CR4","unstructured":"(2026). https:\/\/github.com\/laboni68\/PatchImpactAnalysis.git"},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Asad, M., Ganguly, K.K., Sakib, K.: Impact analysis of syntactic and semantic similarities on patch prioritization in automated program repair. In: 2019 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 328\u2013332. IEEE (2019)","DOI":"10.1109\/ICSME.2019.00050"},{"key":"17_CR6","doi-asserted-by":"publisher","unstructured":"Asad, M., Ganguly, K.K., Sakib, K.: Impact analysis of syntactic and semantic similarities on patch prioritization in automated program repair. In: 2019 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 328\u2013332 (2019). https:\/\/doi.org\/10.1109\/ICSME.2019.00050","DOI":"10.1109\/ICSME.2019.00050"},{"key":"17_CR7","doi-asserted-by":"publisher","unstructured":"Aydin, A., Bang, L., Bultan, T.: Automata-based model counting for string constraints, pp. 255\u2013272 (2015). https:\/\/doi.org\/10.1007\/978-3-319-21690-4_15","DOI":"10.1007\/978-3-319-21690-4_15"},{"key":"17_CR8","doi-asserted-by":"publisher","unstructured":"Backes, J., Person, S., Rungta, N., Tkachuk, O.: Regression verification using impact summaries, vol.\u00a07976 (2013). https:\/\/doi.org\/10.1007\/978-3-642-39176-7_7","DOI":"10.1007\/978-3-642-39176-7_7"},{"key":"17_CR9","doi-asserted-by":"publisher","unstructured":"Badihi, S., Akinotcho, F., Li, Y., Rubin, J.: Ardiff: scaling program equivalence checking via iterative abstraction and refinement of common code, pp. 13\u201324 (2020). https:\/\/doi.org\/10.1145\/3368089.3409757","DOI":"10.1145\/3368089.3409757"},{"key":"17_CR10","doi-asserted-by":"publisher","unstructured":"Badihi, S., Li, Y., Rubin, J.: Eqbench: a dataset of equivalent and non-equivalent program pairs, pp. 610\u2013614 (2021). https:\/\/doi.org\/10.1109\/MSR52588.2021.00084","DOI":"10.1109\/MSR52588.2021.00084"},{"key":"17_CR11","unstructured":"Baldoni, V., et al.: Latte integrale v1.7.2. http:\/\/www.math.ucdavis.edu\/~latte\/"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Black, P.E., Black, P.E.: Juliet 1.3 test suite: Changes from 1.2. US Department of Commerce, National Institute of Standards and Technology (2018)","DOI":"10.6028\/NIST.TN.1995"},{"key":"17_CR13","doi-asserted-by":"crossref","unstructured":"Boland, T., Black, P.E.: Juliet 1. 1 c\/c++ and java test suite. Computer 45(10), 88\u201390 (2012)","DOI":"10.1109\/MC.2012.345"},{"issue":"6","key":"17_CR14","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1145\/2666356.2594329","volume":"49","author":"M Borges","year":"2014","unstructured":"Borges, M., Filieri, A., d\u2019Amorim, M., P\u0103s\u0103reanu, C.S., Visser, W.: Compositional solution space quantification for probabilistic software analysis. SIGPLAN Not. 49(6), 123\u2013132 (2014). https:\/\/doi.org\/10.1145\/2666356.2594329","journal-title":"SIGPLAN Not."},{"key":"17_CR15","doi-asserted-by":"publisher","unstructured":"Borges, M., Filieri, A., d\u2019Amorim, M., P\u0103s\u0103reanu, C.: Iterative distribution-aware sampling for probabilistic symbolic execution, pp. 866\u2013877 (2015). https:\/\/doi.org\/10.1145\/2786805.2786832","DOI":"10.1145\/2786805.2786832"},{"key":"17_CR16","doi-asserted-by":"publisher","unstructured":"Cadar, C., Palikareva, H.: Shadow symbolic execution for better testing of evolving software (2014). https:\/\/doi.org\/10.1145\/2591062.2591104","DOI":"10.1145\/2591062.2591104"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"Chen, H., Mao, Y., Wang, X., Zhou, D., Zeldovich, N., Kaashoek, M.F.: Linux kernel vulnerabilities: state-of-the-art defenses and open problems. In: Proceedings of the Second Asia-Pacific Workshop on Systems, pp. 1\u20135 (2011)","DOI":"10.1145\/2103799.2103805"},{"key":"17_CR18","unstructured":"Corporation, T.M.: Cwe category: Numeric errors. https:\/\/cwe.mitre.org\/data\/definitions\/189.html"},{"key":"17_CR19","doi-asserted-by":"publisher","unstructured":"Filieri, A., P\u0103s\u0103reanu, C.S., Visser, W., Geldenhuys, J.: Statistical symbolic execution with informed sampling. In: Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2014, pp. 437\u2013448. Association for Computing Machinery, New York (2014). https:\/\/doi.org\/10.1145\/2635868.2635899","DOI":"10.1145\/2635868.2635899"},{"key":"17_CR20","doi-asserted-by":"crossref","unstructured":"Filieri, A., P\u0103s\u0103reanu, C.S., Yang, G.: Quantification of software changes through probabilistic symbolic execution (n). In: 30th IEEE\/ACM International Conference on Automated Software Engineering (ASE), pp. 703\u2013708. IEEE (2015)","DOI":"10.1109\/ASE.2015.78"},{"key":"17_CR21","doi-asserted-by":"publisher","unstructured":"Geldenhuys, J., Dwyer, M.B., Visser, W.: Probabilistic symbolic execution. In: Proceedings of the 2012 International Symposium on Software Testing and Analysis, ISSTA 2012, pp. 166\u2013176. Association for Computing Machinery, New York (2012). https:\/\/doi.org\/10.1145\/2338965.2336773","DOI":"10.1145\/2338965.2336773"},{"issue":"2","key":"17_CR22","first-page":"134","volume":"1","author":"AS George","year":"2024","unstructured":"George, A.S.: When trust fails: examining systemic risk in the digital economy from the 2024 crowdstrike outage. Partners Univ. Multidisc. Res. J. 1(2), 134\u2013152 (2024)","journal-title":"Partners Univ. Multidisc. Res. J."},{"key":"17_CR23","doi-asserted-by":"crossref","unstructured":"Ghanbari, A., Marcus, A.: Patch correctness assessment in automated program repair based on the impact of patches on production and test code. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 654\u2013665 (2022)","DOI":"10.1145\/3533767.3534368"},{"key":"17_CR24","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2024.112037","volume":"213","author":"J Glock","year":"2024","unstructured":"Glock, J., Pichler, J., Pinzger, M.: Pasda: a partition-based semantic differencing approach with best effort classification of undecided cases. J. Syst. Softw. 213, 112037 (2024). https:\/\/doi.org\/10.1016\/j.jss.2024.112037","journal-title":"J. Syst. Softw."},{"key":"17_CR25","doi-asserted-by":"publisher","unstructured":"Jiang, J., Xiong, Y., Zhang, H., Gao, Q., Chen, X.: Shaping program repair space with existing patches and similar code. In: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2018, pp. 298\u2013309. Association for Computing Machinery, New York (2018). https:\/\/doi.org\/10.1145\/3213846.3213871","DOI":"10.1145\/3213846.3213871"},{"key":"17_CR26","doi-asserted-by":"publisher","unstructured":"Jiang, Z., Shi, L., Yang, G., Wang, Q.: Patuntrack: automated generating patch examples for issue reports without tracked insecure code. In: Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering, ASE \u201924, pp. 1\u201313. Association for Computing Machinery, New York (2024). https:\/\/doi.org\/10.1145\/3691620.3694982","DOI":"10.1145\/3691620.3694982"},{"key":"17_CR27","volume-title":"Extreme Privilege Escalation on Windows 8\/uefi Systems","author":"C Kallenberg","year":"2014","unstructured":"Kallenberg, C., Kovah, X., Butterworth, J., Cornwell, S.: Extreme Privilege Escalation on Windows 8\/uefi Systems. BlackHat, Las Vegas (2014)"},{"key":"17_CR28","unstructured":"Kawaguchi, M., Lahiri, S.K., Rebelo, H.: Conditional equivalence. Microsoft. MSR-TR-2010-119 Technical Report (2010)"},{"key":"17_CR29","doi-asserted-by":"publisher","unstructured":"Kim, S., McCamant, S.: Bit-Vector Model Counting Using Statistical Estimation, pp. 133\u2013151 (2018). https:\/\/doi.org\/10.1007\/978-3-319-89960-2_8","DOI":"10.1007\/978-3-319-89960-2_8"},{"issue":"3","key":"17_CR30","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3208952","volume":"27","author":"T Kuchta","year":"2018","unstructured":"Kuchta, T., Palikareva, H., Cadar, C.: Shadow symbolic execution for testing software patches. ACM Trans. Softw. Eng. Methodol. (TOSEM) 27(3), 1\u201332 (2018)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"key":"17_CR31","doi-asserted-by":"publisher","unstructured":"Lahiri, S., Hawblitzel, C., Kawaguchi, M., Reb\u00ealo, H.: Symdiff: a language-agnostic semantic diff tool for imperative programs (2012). https:\/\/doi.org\/10.1007\/978-3-642-31424-7_54","DOI":"10.1007\/978-3-642-31424-7_54"},{"key":"17_CR32","doi-asserted-by":"publisher","unstructured":"Le, V., Afshari, M., Su, Z.: Compiler validation via equivalence modulo inputs. ACM SIGPLAN Not. 49 (2014). https:\/\/doi.org\/10.1145\/2594291.2594334","DOI":"10.1145\/2594291.2594334"},{"key":"17_CR33","unstructured":"Lefdal, J.B., Reis\u00e6ter, D.W.: Security patch management-an overview of the patching process and its challenges in Norwegian businesses (2022)"},{"issue":"1","key":"17_CR34","doi-asserted-by":"publisher","first-page":"298","DOI":"10.1145\/2914770.2837617","volume":"51","author":"F Long","year":"2016","unstructured":"Long, F., Rinard, M.: Automatic patch generation by learning correct code. SIGPLAN Not. 51(1), 298\u2013312 (2016). https:\/\/doi.org\/10.1145\/2914770.2837617","journal-title":"SIGPLAN Not."},{"key":"17_CR35","doi-asserted-by":"publisher","unstructured":"Luu, L., Shinde, S., Saxena, P., Demsky, B.: A model counter for constraints over unbounded strings. ACM SIGPLAN Not. 49 (2014). https:\/\/doi.org\/10.1145\/2594291.2594331","DOI":"10.1145\/2594291.2594331"},{"key":"17_CR36","doi-asserted-by":"publisher","unstructured":"Machiry, A., Redini, N., Camellini, E., Kruegel, C., Vigna, G.: Spider: enabling fast patch propagation in related software repositories. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 1562\u20131579 (2020). https:\/\/doi.org\/10.1109\/SP40000.2020.00038","DOI":"10.1109\/SP40000.2020.00038"},{"key":"17_CR37","doi-asserted-by":"crossref","unstructured":"Mechtaev, S., Yi, J., Roychoudhury, A.: Angelix: scalable multiline program patch synthesis via symbolic analysis. In: Proceedings of the 38th International Conference on Software Engineering, pp. 691\u2013701 (2016)","DOI":"10.1145\/2884781.2884807"},{"key":"17_CR38","doi-asserted-by":"publisher","unstructured":"Mora, F., Li, Y., Rubin, J., Chechik, M.: Client-specific equivalence checking, pp. 441\u2013451 (2018). https:\/\/doi.org\/10.1145\/3238147.3238178","DOI":"10.1145\/3238147.3238178"},{"key":"17_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1007\/978-3-319-24255-2_32","volume-title":"Computer Safety, Reliability, and Security","author":"P Muntean","year":"2015","unstructured":"Muntean, P., Kommanapalli, V., Ibing, A., Eckert, C.: Automated generation of buffer overflow quick fixes using symbolic execution and SMT. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9337, pp. 441\u2013456. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24255-2_32"},{"key":"17_CR40","unstructured":"Ninh, T., Hung Nguyen, V., Shone, N., Babenko, M.: Function exclusion in automated security patch testing using chopped symbolic execution. In: 2021 18th NAFOSTED Conference on Information and Computer Science (NICS). IEEE (2022)"},{"key":"17_CR41","doi-asserted-by":"publisher","unstructured":"Niu, S., Mo, J., Zhang, Z., Lv, Z.: Overview of linux vulnerabilities. In: Proceedings of the 2nd International Conference on Soft Computing in Information Communication Technology, pp. 225\u2013228. Atlantis Press (2014). https:\/\/doi.org\/10.2991\/scict-14.2014.55","DOI":"10.2991\/scict-14.2014.55"},{"key":"17_CR42","unstructured":"OpenAI: Gpt-4o model (2023). https:\/\/platform.openai.com\/docs\/models\/gpt-4o. Accessed 18 Jan 2026"},{"key":"17_CR43","doi-asserted-by":"publisher","unstructured":"Palikareva, H., Kuchta, T., Cadar, C.: Shadow of a doubt: testing for divergences between software versions (2016). https:\/\/doi.org\/10.1145\/2884781.2884845","DOI":"10.1145\/2884781.2884845"},{"key":"17_CR44","doi-asserted-by":"publisher","unstructured":"Person, S., Dwyer, M.B., Elbaum, S., P\u0103s\u0103reanu, C.S.: Differential symbolic execution. In: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, SIGSOFT \u201908\/FSE-16, pp. 226\u2013237. Association for Computing Machinery, New York (2008). https:\/\/doi.org\/10.1145\/1453101.1453131","DOI":"10.1145\/1453101.1453131"},{"key":"17_CR45","doi-asserted-by":"publisher","unstructured":"Ponomarenko, A., Rubanov, V.: Automatic backward compatibility analysis of software component binary interfaces. In: 2011 IEEE International Conference on Computer Science and Automation Engineering, vol.\u00a03, pp. 167\u2013173 (2011). https:\/\/doi.org\/10.1109\/CSAE.2011.5952657","DOI":"10.1109\/CSAE.2011.5952657"},{"key":"17_CR46","unstructured":"Pulliainen, T.: Linux patch management: comparison of practical implementations (2016)"},{"key":"17_CR47","doi-asserted-by":"crossref","first-page":"20777","DOI":"10.1109\/ACCESS.2017.2676161","volume":"5","author":"W Qiang","year":"2017","unstructured":"Qiang, W., Liao, Y., Sun, G., Yang, L.T., Zou, D., Jin, H.: Patch-related vulnerability detection based on symbolic execution. IEEE Access 5, 20777\u201320784 (2017)","journal-title":"IEEE Access"},{"key":"17_CR48","unstructured":"Ramos, D.A., Engler, D.: $$\\{$$Under-Constrained$$\\}$$ symbolic execution: correctness checking for real code. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 49\u201364 (2015)"},{"key":"17_CR49","doi-asserted-by":"publisher","unstructured":"Sarker, L.: Quantitative symbolic similarity analysis. In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2023, pp. 1549\u20131551. Association for Computing Machinery, New York (2023). https:\/\/doi.org\/10.1145\/3597926.3605238","DOI":"10.1145\/3597926.3605238"},{"key":"17_CR50","doi-asserted-by":"publisher","unstructured":"Sarker, L., Bultan, T.: Quantitative symbolic non-equivalence analysis, pp. 2452\u20132453 (2024). https:\/\/doi.org\/10.1145\/3691620.3695324","DOI":"10.1145\/3691620.3695324"},{"issue":"6","key":"17_CR51","doi-asserted-by":"crossref","first-page":"151","DOI":"10.1007\/s10664-022-10168-9","volume":"27","author":"AD Sawadogo","year":"2022","unstructured":"Sawadogo, A.D., et al.: Sspcatcher: learning to catch security patches. Empir. Softw. Eng. 27(6), 151 (2022)","journal-title":"Empir. Softw. Eng."},{"key":"17_CR52","doi-asserted-by":"crossref","unstructured":"Shafiuzzaman, M., Desai, A., Sarker, L., Bultan, T.: Stase: static analysis guided symbolic execution for uefi vulnerability signature generation. In: Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering, pp. 1783\u20131794 (2024)","DOI":"10.1145\/3691620.3695543"},{"key":"17_CR53","doi-asserted-by":"publisher","unstructured":"Sharma, S., Roy, S., Soos, M., Meel, K.: Ganak: a scalable probabilistic exact model counter, pp. 1169\u20131176 (2019). https:\/\/doi.org\/10.24963\/ijcai.2019\/163","DOI":"10.24963\/ijcai.2019\/163"},{"key":"17_CR54","doi-asserted-by":"publisher","unstructured":"Shoshitaishvili, Y., et al.: Sok: (state of) the art of war: offensive techniques in binary analysis, pp. 138\u2013157 (2016). https:\/\/doi.org\/10.1109\/SP.2016.17","DOI":"10.1109\/SP.2016.17"},{"key":"17_CR55","doi-asserted-by":"crossref","unstructured":"Tian, Y., Lawall, J., Lo, D.: Identifying linux bug fixing patches. In: 34th International Conference on Software Engineering (ICSE), pp. 386\u2013396. IEEE (2012)","DOI":"10.1109\/ICSE.2012.6227176"},{"key":"17_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1007\/978-3-319-63390-9_21","volume-title":"Computer Aided Verification","author":"M-T Trinh","year":"2017","unstructured":"Trinh, M.-T., Chu, D.-H., Jaffar, J.: Model counting for recursively-defined strings. In: Majumdar, R., Kun\u010dak, V. (eds.) CAV 2017. LNCS, vol. 10427, pp. 399\u2013418. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63390-9_21"},{"key":"17_CR57","doi-asserted-by":"publisher","unstructured":"Trostanetski, A., Grumberg, O., Kroening, D.: Modular demand-driven analysis of semantic difference for program versions, pp. 405\u2013427 (2017). https:\/\/doi.org\/10.1007\/978-3-319-66706-5_20","DOI":"10.1007\/978-3-319-66706-5_20"},{"key":"17_CR58","doi-asserted-by":"crossref","unstructured":"Wang, X., Sun, K., Batcheller, A., Jajodia, S.: Detecting \u201c0-day\u201d vulnerability: an empirical study of secret security patch in OSS. In: 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 485\u2013492. IEEE (2019)","DOI":"10.1109\/DSN.2019.00056"},{"key":"17_CR59","doi-asserted-by":"crossref","unstructured":"Wang, X., Wang, S., Sun, K., Batcheller, A., Jajodia, S.: A machine learning approach to classify security patches into vulnerability types. In: 2020 IEEE Conference on Communications and Network Security (CNS), pp.\u00a01\u20139. IEEE (2020)","DOI":"10.1109\/CNS48642.2020.9162237"},{"key":"17_CR60","doi-asserted-by":"publisher","unstructured":"Wang, X., Wang, S., Sun, K., Batcheller, A., Jajodia, S.: A machine learning approach to classify security patches into vulnerability types. In: IEEE Conference on Communications and Network Security (CNS), pp.\u00a01\u20139 (2020). https:\/\/doi.org\/10.1109\/CNS48642.2020.9162237","DOI":"10.1109\/CNS48642.2020.9162237"},{"key":"17_CR61","unstructured":"Wu, B., Liu, S., Feng, R., Xie, X., Siow, J., Lin, S.W.: Enhancing security patch identification by capturing structures in commits. IEEE Trans. Dependable Secure Comput. (2022)"},{"key":"17_CR62","doi-asserted-by":"publisher","unstructured":"Xu, Z., Chen, B., Chandramohan, M., Liu, Y., Song, F.: Spain: security patch analysis for binaries towards understanding the pain and pills. In: 2017 IEEE\/ACM 39th International Conference on Software Engineering (ICSE), pp. 462\u2013472 (2017). https:\/\/doi.org\/10.1109\/ICSE.2017.49","DOI":"10.1109\/ICSE.2017.49"},{"key":"17_CR63","doi-asserted-by":"publisher","unstructured":"Yang, S., et al.: Towards practical binary code similarity detection: vulnerability verification via patch semantic analysis. ACM Trans. Softw. Eng. Methodol. 32 (2023). https:\/\/doi.org\/10.1145\/3604608","DOI":"10.1145\/3604608"},{"key":"17_CR64","doi-asserted-by":"crossref","unstructured":"Zhou, J., et al.: Finding a needle in a haystack: automated mining of silent vulnerability fixes. In: 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE), pp. 705\u2013716. IEEE (2021)","DOI":"10.1109\/ASE51524.2021.9678720"},{"issue":"1","key":"17_CR65","first-page":"1","volume":"31","author":"Y Zhou","year":"2021","unstructured":"Zhou, Y., Siow, J.K., Wang, C., Liu, S., Liu, Y.: SPI: automated identification of security patches via commits. ACM Trans. Softw. Eng. Methodol. (TOSEM) 31(1), 1\u201327 (2021)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"}],"container-title":["Lecture Notes in Computer Science","NASA Formal Methods"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-28079-4_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T15:34:03Z","timestamp":1781192043000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-28079-4_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032280787","9783032280794"],"references-count":65,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-28079-4_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"12 June 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NFM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"NASA Formal Methods Symposium","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Los Angeles, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2026","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 May 2026","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 May 2026","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"nfm2026","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/nfm2026.github.io\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}