{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T06:46:17Z","timestamp":1762325177455,"version":"3.37.3"},"reference-count":84,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2021,12,1]],"date-time":"2021-12-01T00:00:00Z","timestamp":1638316800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,12,1]],"date-time":"2021-12-01T00:00:00Z","timestamp":1638316800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"name":"Cyber Security Cooperative Research Centre","award":["FND000689"],"award-info":[{"award-number":["FND000689"]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Empir Software Eng"],"published-print":{"date-parts":[[2022,1]]},"DOI":"10.1007\/s10664-021-10054-w","type":"journal-article","created":{"date-parts":[[2021,12,1]],"date-time":"2021-12-01T03:03:46Z","timestamp":1638327826000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["An empirical study of developers\u2019 discussions about security challenges of different programming languages"],"prefix":"10.1007","volume":"27","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5011-6587","authenticated-orcid":false,"given":"Roland","family":"Croft","sequence":"first","affiliation":[]},{"given":"Yongzheng","family":"Xie","sequence":"additional","affiliation":[]},{"given":"Mansooreh","family":"Zahedi","sequence":"additional","affiliation":[]},{"given":"M. Ali","family":"Babar","sequence":"additional","affiliation":[]},{"given":"Christoph","family":"Treude","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,12,1]]},"reference":[{"key":"10054_CR1","doi-asserted-by":"crossref","unstructured":"Acar Y, Backes M, Fahl S, Kim D, Mazurek ML, Stransky C (2016) You get where you\u2019re looking for: The impact of information sources on code security. In: 2016 IEEE symposium on security and privacy (SP). pp 289\u2013305","DOI":"10.1109\/SP.2016.25"},{"key":"10054_CR2","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1016\/j.infsof.2018.02.005","volume":"98","author":"A Agrawal","year":"2018","unstructured":"Agrawal A, Fu W, Menzies T (2018) What is wrong with topic modeling? and how to fix it using search-based software engineering. Inf Softw Technol 98:74\u201388","journal-title":"Inf Softw Technol"},{"key":"10054_CR3","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1108\/DTA-07-2017-0054","volume":"52","author":"A Ahmad","year":"2017","unstructured":"Ahmad A, Feng C, Ge S, Yousif A (2017) A survey on mining stack overflow: Question and answering (q&a) community. Data Technol Appl 52:190\u2013247","journal-title":"Data Technol Appl"},{"key":"10054_CR4","doi-asserted-by":"crossref","unstructured":"Ahmed S, Bagherzadeh M (2018) What do concurrency developers ask about? a large-scale study using stack overflow. In: Proceedings of the 12th ACM\/IEEE international symposium on empirical software engineering and measurement. pp 1\u201310","DOI":"10.1145\/3239235.3239524"},{"key":"10054_CR5","doi-asserted-by":"crossref","unstructured":"Allamanis M, Sutton C (2013) Why, when, and what: analyzing stack overflow questions by topic, type, and code. In: 2013 10th working conference on mining software repositories (MSR). IEEE, pp 53\u201356","DOI":"10.1109\/MSR.2013.6624004"},{"key":"10054_CR6","doi-asserted-by":"crossref","unstructured":"Bagherzadeh M, Khatchadourian R (2019) Going big: a large-scale study on what big data developers ask. In: Proceedings of the 2019 27th ACM joint meeting on european software engineering conference and symposium on the foundations of software engineering. pp 432\u2013442","DOI":"10.1145\/3338906.3338939"},{"key":"10054_CR7","doi-asserted-by":"crossref","unstructured":"Bajaj K, Pattabiraman K, Mesbah A (2014) Mining questions asked by web developers. In: Proceedings of the 11th working conference on mining software repositories. pp 112\u2013121","DOI":"10.1145\/2597073.2597083"},{"key":"10054_CR8","doi-asserted-by":"crossref","unstructured":"Bangash AA, Sahar H, Chowdhury S, Wong AW, Hindle A, Ali K (2019) What do developers know about machine learning: a study of ml discussions on stackoverflow, IEEE","DOI":"10.1109\/MSR.2019.00052"},{"issue":"2","key":"10054_CR9","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1109\/MSP.2005.45","volume":"3","author":"S Barnum","year":"2005","unstructured":"Barnum S, McGraw G (2005) Knowledge for software security. IEEE Secur Privacy 3(2):74\u201378","journal-title":"IEEE Secur Privacy"},{"issue":"3","key":"10054_CR10","doi-asserted-by":"publisher","first-page":"619","DOI":"10.1007\/s10664-012-9231-y","volume":"19","author":"A Barua","year":"2014","unstructured":"Barua A, Thomas SW, Hassan AE (2014) What are developers talking about? an analysis of topics and trends in stack overflow. Empir Softw Eng 19 (3):619\u2013654","journal-title":"Empir Softw Eng"},{"key":"10054_CR11","doi-asserted-by":"crossref","unstructured":"Bayati S, Heidary M (2016) Information security in software engineering, analysis of developers communications about security in social q&a website. In: Pacific-Asia workshop on intelligence and security informatics. Springer, pp 193\u2013202","DOI":"10.1007\/978-3-319-31863-9_14"},{"issue":"3","key":"10054_CR12","doi-asserted-by":"publisher","first-page":"2258","DOI":"10.1007\/s10664-019-09758-x","volume":"25","author":"S Beyer","year":"2020","unstructured":"Beyer S, Macho C, Di Penta M, Pinzger M (2020) What kind of questions do developers ask on stack overflow? a comparison of automated approaches to classify posts into question categories. Empir Softw Eng 25(3):2258\u20132301","journal-title":"Empir Softw Eng"},{"key":"10054_CR13","doi-asserted-by":"crossref","unstructured":"Bhattacharya P, Neamtiu I (2011) Assessing programming language impact on development and maintenance: A study on c and c++, IEEE","DOI":"10.1145\/1985793.1985817"},{"issue":"Jan","key":"10054_CR14","first-page":"993","volume":"3","author":"DM Blei","year":"2003","unstructured":"Blei DM, Ng AY, Jordan MI (2003) Latent dirichlet allocation. J Mach Learn Res 3(Jan):993\u20131022","journal-title":"J Mach Learn Res"},{"key":"10054_CR15","doi-asserted-by":"crossref","unstructured":"Borges H, Brito R, Valente MT (2019) Beyond textual issues: Understanding the usage and impact of github reactions. In: Proceedings of the XXXIII Brazilian symposium on software engineering. pp 397\u2013406","DOI":"10.1145\/3350768.3350788"},{"key":"10054_CR16","doi-asserted-by":"crossref","unstructured":"Cabot J, Izquierdo JLC, Cosentino V, Rolandi B (2015) Exploring the use of labels to categorize issues in open-source software projects, IEEE","DOI":"10.1109\/SANER.2015.7081875"},{"key":"10054_CR17","doi-asserted-by":"crossref","unstructured":"Campbell JC, Zhang C, Xu Z, Hindle A, Miller J (2013) Deficient documentation detection a methodology to locate deficient project documentation using topic analysis, IEEE","DOI":"10.1109\/MSR.2013.6624005"},{"issue":"4","key":"10054_CR18","doi-asserted-by":"publisher","first-page":"471","DOI":"10.1145\/6041.6042","volume":"17","author":"L Cardelli","year":"1985","unstructured":"Cardelli L, Wegner P (1985) On understanding types, data abstraction, and polymorphism. ACM Comput Surv (CSUR) 17(4):471\u2013523","journal-title":"ACM Comput Surv (CSUR)"},{"key":"10054_CR19","doi-asserted-by":"crossref","unstructured":"Chakraborty P, Shahriyar R, Iqbal A, Uddin G (2021) How do developers discuss and support new programming languages in technical q&a site? an empirical study of go, swift, and rust in stack overflow. Inf Softw Technol: 106603","DOI":"10.1016\/j.infsof.2021.106603"},{"key":"10054_CR20","doi-asserted-by":"crossref","unstructured":"Chen M, Fischer F, Meng N, Wang X, Grossklags J (2019) How reliable is the crowdsourced knowledge of security implementation?, IEEE","DOI":"10.1109\/ICSE.2019.00065"},{"issue":"5","key":"10054_CR21","doi-asserted-by":"publisher","first-page":"1843","DOI":"10.1007\/s10664-015-9402-8","volume":"21","author":"TH Chen","year":"2016","unstructured":"Chen TH, Thomas SW, Hassan AE (2016) A survey on the use of topic models when mining software repositories. Empir Softw Eng 21(5):1843\u20131919","journal-title":"Empir Softw Eng"},{"key":"10054_CR22","unstructured":"Cifuentes C, Bierman G (2019) What is a secure programming language?. In: 3rd Summit on advances in programming languages (SNAPL 2019), Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik"},{"key":"10054_CR23","volume-title":"Sampling techniques","author":"WG Cochran","year":"2007","unstructured":"Cochran WG (2007) Sampling techniques. Wiley, Hoboken"},{"issue":"1","key":"10054_CR24","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1177\/001316446002000104","volume":"20","author":"J Cohen","year":"1960","unstructured":"Cohen J (1960) A coefficient of agreement for nominal scales. Educ Psychol Meas 20(1):37\u201346","journal-title":"Educ Psychol Meas"},{"key":"10054_CR25","doi-asserted-by":"crossref","unstructured":"Croft R, Newlands D, Chen Z, Babar MA (2021) An empirical study of rule-based and learning-based approaches for static application security testing. arXiv:2107.01921","DOI":"10.1145\/3475716.3475781"},{"key":"10054_CR26","doi-asserted-by":"crossref","unstructured":"Decan A, Mens T, Constantinou E (2018) On the impact of security vulnerabilities in the npm package dependency network. In: Proceedings of the 15th international conference on mining software repositories. pp 181\u2013191","DOI":"10.1145\/3196398.3196401"},{"key":"10054_CR27","doi-asserted-by":"crossref","unstructured":"Dhurjati D, Kowshik S, Adve V, Lattner C (2003) Memory safety without runtime checks or garbage collection. In: Proceedings of the 2003 ACM SIGPLAN conference on language, compiler, and tool for embedded systems. pp 69\u201380","DOI":"10.1145\/780731.780743"},{"issue":"3","key":"10054_CR28","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1111\/j.1468-0394.2005.00299.x","volume":"22","author":"S Fincher","year":"2005","unstructured":"Fincher S, Tenenberg J (2005) Making sense of card sorting data. Expert Syst 22(3):89\u201393","journal-title":"Expert Syst"},{"key":"10054_CR29","doi-asserted-by":"crossref","unstructured":"Fischer F, B\u00f6ttinger K, Xiao H, Stransky C, Acar Y, Backes M, Fahl S (2017) Stack overflow considered harmful? the impact of copy&paste on android application security. In: 2017 IEEE symposium on security and privacy (SP). IEEE, pp 121\u2013136","DOI":"10.1109\/SP.2017.31"},{"key":"10054_CR30","doi-asserted-by":"crossref","unstructured":"Gkortzis A, Mitropoulos D, Spinellis D (2018) Vulinoss: a dataset of security vulnerabilities in open-source systems. In: Proceedings of the 15th International conference on mining software repositories. pp 18\u201321","DOI":"10.1145\/3196398.3196454"},{"issue":"1","key":"10054_CR31","first-page":"112","volume":"23","author":"D Grossman","year":"2005","unstructured":"Grossman D, Hicks M, Jim T, Morrisett G (2005) Cyclone: A type-safe dialect of c. C\/C++ Users J 23(1):112\u2013139","journal-title":"C\/C++ Users J"},{"key":"10054_CR32","doi-asserted-by":"crossref","unstructured":"Han J, Shihab E, Wan Z, Deng S, Xia X (2020), What do programmers discuss about deep learning frameworks. Empir Softw Eng","DOI":"10.1007\/s10664-020-09819-6"},{"issue":"5","key":"10054_CR33","doi-asserted-by":"publisher","first-page":"1335","DOI":"10.1007\/s10664-013-9289-1","volume":"19","author":"S Hanenberg","year":"2014","unstructured":"Hanenberg S, Kleinschmager S, Robbes R, Tanter \u00c9 , Stefik A (2014) An empirical study on the impact of static typing on software maintainability. Empir Softw Eng 19(5):1335\u20131382","journal-title":"Empir Softw Eng"},{"key":"10054_CR34","doi-asserted-by":"crossref","unstructured":"Hata H, Treude C, Kula RG, Ishio T (2019) 9.6 million links in source code comments: Purpose, evolution, and decay, IEEE","DOI":"10.1109\/ICSE.2019.00123"},{"key":"10054_CR35","doi-asserted-by":"crossref","unstructured":"Horschig S, Mattis T, Hirschfeld R (2018) Do java programmers write better python? studying off-language code quality on github. In: Conference companion of the 2nd international conference on art, science, and engineering of programming. pp 127\u2013134","DOI":"10.1145\/3191697.3214341"},{"key":"10054_CR36","unstructured":"Howell DC (2012) Statistical methods for psychology. Cengage Learning"},{"key":"10054_CR37","doi-asserted-by":"publisher","unstructured":"Hussain MM, Mahmud I (2019) pymannkendall: a python package for non parametric mann kendall family of trend tests. https:\/\/doi.org\/10.21105\/joss.01556, vol 4, p 1556","DOI":"10.21105\/joss.01556"},{"key":"10054_CR38","doi-asserted-by":"crossref","unstructured":"Kalliamvakou E, Gousios G, Blincoe K, Singer L, German DM, Damian D (2014) The promises and perils of mining github. In: Proceedings of the 11th working conference on mining software repositories (MSR 2014), pp 92\u2013101","DOI":"10.1145\/2597073.2597074"},{"issue":"1","key":"10054_CR39","doi-asserted-by":"crossref","first-page":"e95","DOI":"10.1002\/spy2.95","volume":"3","author":"AA Khwaja","year":"2020","unstructured":"Khwaja AA, Murtaza M, Ahmed HF (2020) A security feature framework for programming languages to minimize application layer vulnerabilities. Secur Privacy 3(1):e95","journal-title":"Secur Privacy"},{"key":"10054_CR40","doi-asserted-by":"crossref","unstructured":"Kleinschmager S, Robbes R, Stefik A, Hanenberg S, Tanter E (2012) Do static type systems improve the maintainability of software systems? an empirical study, IEEE","DOI":"10.1109\/ICPC.2012.6240483"},{"key":"10054_CR41","doi-asserted-by":"crossref","unstructured":"Knight WR (1966) A computer method for calculating kendall\u2019s tau with ungrouped data. http:\/\/www.jstor.org\/stable\/2282833, vol 61, pp 436\u2013439","DOI":"10.1080\/01621459.1966.10480879"},{"key":"10054_CR42","doi-asserted-by":"crossref","unstructured":"Kochhar PS, Wijedasa D, Lo D (2016) A large scale study of multiple programming languages and code quality. In: 2016 IEEE 23rd International conference on software analysis, evolution, and reengineering (SANER), IEEE, vol 1, pp 563\u2013573","DOI":"10.1109\/SANER.2016.112"},{"key":"10054_CR43","doi-asserted-by":"publisher","unstructured":"Le THM, Hin D, Croft R, Babar MA (2020) Puminer: Mining security posts from developer question and answer websites with pu learning. In: Proceedings of the 17th international conference on mining software repositories. Association for Computing Machinery, New York. https:\/\/doi.org\/10.1145\/3379597.3387443, pp 350\u2013361","DOI":"10.1145\/3379597.3387443"},{"key":"10054_CR44","doi-asserted-by":"crossref","unstructured":"Le THM, Croft R, Hin D, Babar MA (2021) A large-scale study of security vulnerability support on developer q&a websites. In: Evaluation and assessment in software engineering. pp 109\u2013118","DOI":"10.1145\/3463274.3463331"},{"key":"10054_CR45","doi-asserted-by":"crossref","unstructured":"Linares-V\u00e1squez M, Dit B, Poshyvanyk D (2013) An exploratory analysis of mobile development issues using stack overflow, IEEE","DOI":"10.1109\/MSR.2013.6624014"},{"key":"10054_CR46","doi-asserted-by":"crossref","unstructured":"Lopez T, Tun TT, Bandara A, Levine M, Nuseibeh B, Sharp H (2018) An investigation of security conversations in stack overflow: perceptions of security and community involvement. In: Proceedings of the 1st international workshop on security awareness from design to deployment. pp 26\u201332","DOI":"10.1145\/3194707.3194713"},{"key":"10054_CR47","doi-asserted-by":"crossref","unstructured":"Lopez T, Tun T, Bandara A, Mark L, Nuseibeh B, Sharp H (2019) An anatomy of security conversations in stack overflow. In: 2019 IEEE\/ACM 41st international conference on software engineering: software engineering in society (ICSE-SEIS). IEEE, pp 31\u201340","DOI":"10.1109\/ICSE-SEIS.2019.00012"},{"issue":"3","key":"10054_CR48","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1109\/MITP.2018.032501745","volume":"20","author":"LO Mailloux","year":"2018","unstructured":"Mailloux LO, Grimaila M (2018) Advancing cybersecurity: The growing need for a cyber-resiliency workforce. IT Professional 20(3):23\u201330","journal-title":"IT Professional"},{"key":"10054_CR49","doi-asserted-by":"crossref","unstructured":"Mantyla MV, Claes M, Farooq U (2018) Measuring lda topic stability from clusters of replicated runs. In: Proceedings of the 12th ACM\/IEEE international symposium on empirical software engineering and measurement. pp 1\u20134","DOI":"10.1145\/3239235.3267435"},{"key":"10054_CR50","unstructured":"Martin A, Rashid A, Chivers H, Danezis G, Schneider S, Lupu E (2019) The cyber security body of knowledge. University of Bristol. https:\/\/www.cybok.org\/"},{"key":"10054_CR51","doi-asserted-by":"crossref","unstructured":"Massacci F, Nguyen VH (2010) Which is the right source for vulnerability studies? an empirical analysis on mozilla firefox. In: Proceedings of the 6th international workshop on security measurements and metrics. pp 1\u20138","DOI":"10.1145\/1853919.1853925"},{"key":"10054_CR52","doi-asserted-by":"publisher","DOI":"10.1201\/9780429466335","volume-title":"Handbook of applied cryptography","author":"AJ Menezes","year":"2018","unstructured":"Menezes AJ, Van Oorschot PC, Vanstone SA (2018) Handbook of applied cryptography. CRC press, Boca Raton"},{"issue":"10","key":"10054_CR53","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2544173.2509515","volume":"48","author":"LA Meyerovich","year":"2013","unstructured":"Meyerovich LA, Rabkin AS (2013) Empirical analysis of programming language adoption. SIGPLAN Not 48(10):1\u201318. https:\/\/doi.org\/10.1145\/2544173.2509515","journal-title":"SIGPLAN Not"},{"key":"10054_CR54","unstructured":"Mimno D, Wallach HM, Talley E, Leenders M, McCallum A (2011) Optimizing semantic coherence in topic models. In: Proceedings of the conference on empirical methods in natural language processing. Association for Computational Linguistics. pp 262\u2013272"},{"issue":"9","key":"10054_CR55","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1109\/62.793447","volume":"14","author":"D Naiditch","year":"1999","unstructured":"Naiditch D (1999) Selecting a programming language for your project. IEEE Trans Aerosp Electron Syst 14(9):11\u201314","journal-title":"IEEE Trans Aerosp Electron Syst"},{"key":"10054_CR56","doi-asserted-by":"crossref","unstructured":"Nguyen VH, Massacci F (2013) The (un) reliability of nvd vulnerable versions data: An empirical experiment on google chrome vulnerabilities. In: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security. pp 493\u2013498","DOI":"10.1145\/2484313.2484377"},{"key":"10054_CR57","doi-asserted-by":"publisher","unstructured":"Nothman J, Qin H, Yurchak R (2018) Stop word lists in free open-source software packages. In: Proceedings of workshop for NLP open source software (NLP-OSS). Association for Computational Linguistics, Melbourne, pp 7\u201312. https:\/\/doi.org\/10.18653\/v1\/W18-2502. https:\/\/www.aclweb.org\/anthology\/W18-2502","DOI":"10.18653\/v1\/W18-2502"},{"key":"10054_CR58","doi-asserted-by":"crossref","unstructured":"Panichella A, Dit B, Oliveto R, Di Penta M, Poshynanyk D, De Lucia A (2013) How to effectively use topic models for software engineering tasks? an approach based on genetic algorithms, IEEE","DOI":"10.1109\/ICSE.2013.6606598"},{"issue":"302","key":"10054_CR59","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1080\/14786440009463897","volume":"50","author":"K Pearson","year":"1900","unstructured":"Pearson K (1900) X. on the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling. London, Edinburgh Dublin Philos Mag J Sci 50(302):157\u2013175","journal-title":"London, Edinburgh Dublin Philos Mag J Sci"},{"key":"10054_CR60","volume-title":"Types and programming languages","author":"BC Pierce","year":"2002","unstructured":"Pierce BC, Benjamin C (2002) Types and programming languages. MIT press, Cambridge"},{"key":"10054_CR61","doi-asserted-by":"crossref","unstructured":"Pletea D, Vasilescu B, Serebrenik A (2014) Security and emotion: sentiment analysis of security discussions on github. In: Proceedings of the 11th working conference on mining software repositories. ACM, pp 348\u2013351","DOI":"10.1145\/2597073.2597117"},{"key":"10054_CR62","unstructured":"Rafter D (2019) 2019 data breaches: 4 billion records breached so far. [Online; accessed 01-June-2020]"},{"key":"10054_CR63","doi-asserted-by":"crossref","unstructured":"Rahman MM, Roy CK (2014) An insight into the pull requests of github. In: Proceedings of the 11th working conference on mining software repositories. pp 364\u2013367","DOI":"10.1145\/2597073.2597121"},{"key":"10054_CR64","doi-asserted-by":"publisher","unstructured":"Ray B, Posnett D, Filkov V, Devanbu P (2014) A large scale study of programming languages and code quality in github. In: Proceedings of the 22Nd ACM SIGSOFT international symposium on foundations of software engineering (FSE 2014). ACM, New York. https:\/\/doi.org\/10.1145\/2635868.2635922, pp 155\u2013165","DOI":"10.1145\/2635868.2635922"},{"issue":"3","key":"10054_CR65","doi-asserted-by":"publisher","first-page":"1192","DOI":"10.1007\/s10664-015-9379-3","volume":"21","author":"C Rosen","year":"2016","unstructured":"Rosen C, Shihab E (2016) What are mobile developers asking about? a large scale study using stack overflow. Empir Softw Eng 21(3):1192\u20131223","journal-title":"Empir Softw Eng"},{"key":"10054_CR66","volume-title":"Secure coding in C and C++","author":"RC Seacord","year":"2005","unstructured":"Seacord RC (2005) Secure coding in C and C++. Pearson Education, London"},{"key":"10054_CR67","volume-title":"Concepts of programming languages","author":"RW Sebesta","year":"2012","unstructured":"Sebesta RW (2012) Concepts of programming languages. Pearson Education, Inc., London"},{"key":"10054_CR68","unstructured":"Sestoft P (2005) Java performance: Reducing time and space consumption"},{"issue":"3","key":"10054_CR69","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2187671.2187673","volume":"44","author":"H Shahriar","year":"2012","unstructured":"Shahriar H, Zulkernine M (2012) Mitigating program security vulnerabilities: Approaches and challenges. ACM Comput Surv (CSUR) 44(3):1\u201346","journal-title":"ACM Comput Surv (CSUR)"},{"issue":"1","key":"10054_CR70","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre G, Opdahl AL (2005) Eliciting security requirements with misuse cases. Req Eng 10(1):34\u201344","journal-title":"Req Eng"},{"issue":"2","key":"10054_CR71","doi-asserted-by":"publisher","first-page":"465","DOI":"10.32604\/cmc.2019.07818","volume":"61","author":"Y Tian","year":"2019","unstructured":"Tian Y, Ng W, Cao J, McIntosh S (2019) Geek talents: Who are the top experts on github and stack overflow? Comput Mater Contin 61(2):465\u2013479. https:\/\/doi.org\/10.32604\/cmc.2019.07818. http:\/\/www.techscience.com\/cmc\/v61n2\/33484","journal-title":"Comput Mater Contin"},{"key":"10054_CR72","doi-asserted-by":"crossref","unstructured":"Treude C, Wagner M (2019) Predicting good configurations for github and stack overflow topic models. In: 2019 IEEE\/ACM 16th International conference on mining software repositories (MSR). pp 84\u201395","DOI":"10.1109\/MSR.2019.00022"},{"key":"10054_CR73","doi-asserted-by":"publisher","unstructured":"Vasilescu B, Filkov V, Serebrenik A (2013) Stackoverflow and github: Associations between software development and crowdsourced knowledge. In: 2013 International conference on social computing. pp 188\u2013195. https:\/\/doi.org\/10.1109\/SocialCom.2013.35","DOI":"10.1109\/SocialCom.2013.35"},{"key":"10054_CR74","doi-asserted-by":"crossref","unstructured":"Venson E, Alfayez R, MF GM, Rejane F, Boehm B (2019) The impact of software security practices on development effort: An initial survey. In: 2019 ACM\/IEEE international symposium on empirical software engineering and measurement (ESEM). IEEE, pp 1\u201312","DOI":"10.1109\/ESEM.2019.8870153"},{"key":"10054_CR75","doi-asserted-by":"crossref","unstructured":"Verdi M, Sami A, Akhondali J, Khomh F, Uddin G, Motlagh AK (2020), An empirical study of c++ vulnerabilities in crowd-sourced code examples. IEEE Trans Softw Eng","DOI":"10.1109\/TSE.2020.3023664"},{"key":"10054_CR76","unstructured":"Wan Z, Xia X, Hassan AE (2019) What is discussed about blockchain? a case study on the use of balanced lda and the reference architecture of a domain to capture online discussions about blockchain platforms across the stack exchange communities. IEEE Trans Softw Eng"},{"key":"10054_CR77","doi-asserted-by":"crossref","unstructured":"Wessel M, Steinmacher I, Wiese I, Gerosa MA (2019) Should i stale or should i close? an analysis of a bot that closes abandoned issues and pull requests, IEEE","DOI":"10.1109\/BotSE.2019.00018"},{"key":"10054_CR78","doi-asserted-by":"crossref","unstructured":"Xiong Y, Meng Z, Shen B, Yin W (2017) Mining developer behavior across github and stackoverflow. In: SEKE. pp 578\u2013583","DOI":"10.18293\/SEKE2017-062"},{"key":"10054_CR79","doi-asserted-by":"crossref","unstructured":"Yang L, Li X, Yu Y (2017) Vuldigger: A just-in-time and cost-aware tool for digging vulnerability-contributing changes. In: GLOBECOM 2017-2017 IEEE global communications conference. IEEE, pp 1\u20137","DOI":"10.1109\/GLOCOM.2017.8254428"},{"issue":"5","key":"10054_CR80","doi-asserted-by":"publisher","first-page":"910","DOI":"10.1007\/s11390-016-1672-0","volume":"31","author":"XL Yang","year":"2016","unstructured":"Yang XL, Lo D, Xia X, Wan ZY, Sun JL (2016) What security questions do developers ask? a large-scale study of stack overflow posts. J Comput Sci Technol 31(5):910\u2013924. https:\/\/doi.org\/10.1007\/s11390-016-1672-0","journal-title":"J Comput Sci Technol"},{"key":"10054_CR81","doi-asserted-by":"crossref","unstructured":"Zahedi M, Ali Babar M, Treude C (2018) An empirical study of security issues posted in open source projects. In: Proceedings of the 51st Hawaii international conference on system sciences","DOI":"10.24251\/HICSS.2018.686"},{"key":"10054_CR82","doi-asserted-by":"crossref","unstructured":"Zhang H, Wang S, Li H, Chen THP, Hassan AE (2021) A study of c\/c++ code weaknesses on stack overflow. IEEE Trans Softw Eng","DOI":"10.1109\/TSE.2021.3058985"},{"key":"10054_CR83","unstructured":"Zhang J, Li F, Hao D, Wang M, Tang H, Zhang L, Harman M (2019) A study of bug resolution characteristics in popular programming languages. IEEE Trans Softw Eng"},{"key":"10054_CR84","doi-asserted-by":"crossref","unstructured":"Zou J, Xu L, Guo W, Yan M, Yang D, Zhang X (2015) Which non-functional requirements do developers focus on? an empirical study on stack overflow using topic analysis. In: 2015 IEEE\/ACM 12th working conference on mining software repositories, IEEE. pp 446\u2013449","DOI":"10.1109\/MSR.2015.60"}],"container-title":["Empirical Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10664-021-10054-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10664-021-10054-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10664-021-10054-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,11,13]],"date-time":"2023-11-13T12:00:26Z","timestamp":1699876826000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10664-021-10054-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,12,1]]},"references-count":84,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2022,1]]}},"alternative-id":["10054"],"URL":"https:\/\/doi.org\/10.1007\/s10664-021-10054-w","relation":{},"ISSN":["1382-3256","1573-7616"],"issn-type":[{"type":"print","value":"1382-3256"},{"type":"electronic","value":"1573-7616"}],"subject":[],"published":{"date-parts":[[2021,12,1]]},"assertion":[{"value":"24 September 2021","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 December 2021","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"<!--Emphasis Type='Bold' removed-->Conflict of Interests"}}],"article-number":"27"}}