{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,3]],"date-time":"2026-03-03T00:49:56Z","timestamp":1772498996816,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":53,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,6,29]],"date-time":"2020-06-29T00:00:00Z","timestamp":1593388800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,6,29]]},"DOI":"10.1145\/3379597.3387465","type":"proceedings-article","created":{"date-parts":[[2020,9,19]],"date-time":"2020-09-19T02:12:49Z","timestamp":1600481569000},"page":"409-419","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":28,"title":["The Impact of a Major Security Event on an Open Source Project"],"prefix":"10.1145","author":[{"given":"James","family":"Walden","sequence":"first","affiliation":[{"name":"Northern Kentucky University, Highland Heights, KY"}]}],"member":"320","published-online":{"date-parts":[[2020,9,18]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Nimrod Aviram Sebastian Schinzel Juraj Somorovsky Nadia Heninger Maik Dankel Jens Steube Luke Valenta David Adrian J Alex Halderman Viktor Dukhovni etal 2016. {DROWN}: Breaking {TLS} Using SSLv2. In 25th {USENIX} Security Symposium ({USENIX} Security 16). 689--706.  Nimrod Aviram Sebastian Schinzel Juraj Somorovsky Nadia Heninger Maik Dankel Jens Steube Luke Valenta David Adrian J Alex Halderman Viktor Dukhovni et al. 2016. {DROWN}: Breaking {TLS} Using SSLv2. In 25th {USENIX} Security Symposium ({USENIX} Security 16). 689--706."},{"key":"e_1_3_2_1_2_1","unstructured":"Bob Beck. 2014. LibreSSL: The first 30 Days and where we go from here. Presentation at the BSDCan Ottowa Canada.  Bob Beck. 2014. LibreSSL: The first 30 Days and where we go from here. Presentation at the BSDCan Ottowa Canada."},{"key":"e_1_3_2_1_3_1","volume-title":"OpenSSL Blog","author":"Caswell Matt","year":"2015"},{"key":"e_1_3_2_1_4_1","unstructured":"Russ Cox. 2008. Lessons from the Debian\/OpenSSL Fiasco. Online.  Russ Cox. 2008. Lessons from the Debian\/OpenSSL Fiasco. Online."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/362929.362947"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_1_7_1","volume-title":"Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace","author":"Foundation The Linux","year":"2014"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.106988"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/602461.602482"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1002\/smr.1615"},{"key":"e_1_3_2_1_11_1","unstructured":"Google. [n.d.]. Google Style Guides. https:\/\/google.github.io\/styleguide\/  Google. [n.d.]. Google Style Guides. https:\/\/google.github.io\/styleguide\/"},{"key":"e_1_3_2_1_12_1","unstructured":"Maurice Howard Halstead etal 1977. Elements of software science. Vol. 7. Elsevier New York.  Maurice Howard Halstead et al. 1977. Elements of software science. Vol. 7. Elsevier New York."},{"key":"e_1_3_2_1_13_1","volume-title":"OpenSSL after Heartbleed. Presentation at the RSA Conference","author":"Hudson Tim"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1159733.1159765"},{"key":"e_1_3_2_1_15_1","volume-title":"A Practical Guide to Regression Discontinuity. MDRC","author":"Jacob Robin","year":"2012"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC.2016.025"},{"key":"e_1_3_2_1_17_1","volume-title":"Why do software assurance tools have problems finding bugs like heartbleed. Continuous Software Assurance Marketplace 22","author":"Kupsch James A","year":"2014"},{"key":"e_1_3_2_1_18_1","volume-title":"https:\/\/www.imperialviolet.org\/2015\/10\/17\/boringssl.html","author":"Langley Adam","year":"2015"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/646195.681473"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1002\/smr.1855"},{"key":"e_1_3_2_1_21_1","unstructured":"Steve Marquess. 2014. Of Money Responsibility and Pride. http:\/\/veridicalsystems.com\/blog\/of-money-responsibility-and-pride\/  Steve Marquess. 2014. Of Money Responsibility and Pride. http:\/\/veridicalsystems.com\/blog\/of-money-responsibility-and-pride\/"},{"key":"e_1_3_2_1_22_1","unstructured":"Robert C Martin. 2009. Clean code: a handbook of agile software craftsmanship. Pearson Education.  Robert C Martin. 2009. Clean code: a handbook of agile software craftsmanship. Pearson Education."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1976.233837"},{"key":"e_1_3_2_1_24_1","volume-title":"27th Annual NASA Goddard\/IEEE Software Engineering Workshop, 2002. Proceedings. IEEE, 51--57","author":"Menzies Tim","year":"2002"},{"key":"e_1_3_2_1_25_1","volume-title":"Data mining static code attributes to learn defect predictors","author":"Menzies Tim","year":"2006"},{"key":"e_1_3_2_1_26_1","first-page":"81","article-title":"Improving open source software maintenance","volume":"50","author":"Midha Vishal","year":"2010","journal-title":"Journal of Computer Information Systems"},{"key":"e_1_3_2_1_27_1","unstructured":"Damien Miller. 2005. Secure Portability. https:\/\/www.openbsd.org\/papers\/portability.pdf  Damien Miller. 2005. Secure Portability. https:\/\/www.openbsd.org\/papers\/portability.pdf"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786834"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1002\/smr.564"},{"key":"e_1_3_2_1_30_1","volume-title":"Code Conventions for the Java Programming Languages. https:\/\/www.oracle.com\/technetwork\/java\/javase\/documentation\/codeconventions-139411","year":"1999"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2004.1274044"},{"key":"e_1_3_2_1_32_1","unstructured":"Quarkslab. 2019. OpenSSL Security Assessment. https:\/\/ostif.org\/wp-content\/uploads\/2019\/01\/18-04-720-REP_v1.2.pdf  Quarkslab. 2019. OpenSSL Security Assessment. https:\/\/ostif.org\/wp-content\/uploads\/2019\/01\/18-04-720-REP_v1.2.pdf"},{"key":"e_1_3_2_1_33_1","volume-title":"Quasi-Experimentation: A Guide to Design and Analysis","author":"Reichardt Charles S"},{"key":"e_1_3_2_1_34_1","volume-title":"Android shipments in 2014 exceed 1 billion for first time. CNET","author":"Reisinger Don","year":"2015"},{"key":"e_1_3_2_1_35_1","volume-title":"Beyond Reformatting: More Code Cleanup. OpenSSL Blog","author":"Salz Rich","year":"2015"},{"key":"e_1_3_2_1_36_1","volume-title":"Hello GitHub. OpenSSL Blog","author":"Salz Rich","year":"2016"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.81"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236024.3264598"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the","author":"Spencer Henry","year":"1992"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884799"},{"key":"e_1_3_2_1_42_1","unstructured":"OpenSSL Project Team. 2015. OpenSSL Coding Style. (2015). https:\/\/www.openssl.org\/policies\/codingstyle.html  OpenSSL Project Team. 2015. OpenSSL Coding Style. (2015). https:\/\/www.openssl.org\/policies\/codingstyle.html"},{"key":"e_1_3_2_1_43_1","volume-title":"https:\/\/web.archive.org\/web\/20150905203707\/https:\/\/www.openssl.org\/policies\/roadmap.html","author":"Project Team SSL","year":"2016"},{"key":"e_1_3_2_1_44_1","volume-title":"https:\/\/www.openssl.org\/policies\/omc-bylaws.html","author":"Project Team SSL","year":"2017"},{"key":"e_1_3_2_1_45_1","unstructured":"OpenSSL Project Team. 2017. Policy for OpenSSL Committers. (2017). https:\/\/www.openssl.org\/policies\/committers.html  OpenSSL Project Team. 2017. Policy for OpenSSL Committers. (2017). https:\/\/www.openssl.org\/policies\/committers.html"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180209"},{"key":"e_1_3_2_1_47_1","unstructured":"Guido van Rossum Barry Warsaw and Nick Coghlan. 2001. PEP 8 - Style Guide for Python Code. https:\/\/www.python.org\/dev\/peps\/pep-0008\/  Guido van Rossum Barry Warsaw and Nick Coghlan. 2001. PEP 8 - Style Guide for Python Code. https:\/\/www.python.org\/dev\/peps\/pep-0008\/"},{"key":"e_1_3_2_1_48_1","volume-title":"OpenSSL Case Study Replication Package (MSR","author":"Walden James","year":"2020"},{"key":"e_1_3_2_1_49_1","unstructured":"David Wheeler. [n.d.]. Core Infrastructure Initiative (CII) Best-Practices Badge Criteria. https:\/\/www.ida.org\/-\/media\/feature\/publications\/c\/co\/core-infrastructure-initiative-cii-bestpractices-badge-criteria\/d-8054.ashx  David Wheeler. [n.d.]. Core Infrastructure Initiative (CII) Best-Practices Badge Criteria. https:\/\/www.ida.org\/-\/media\/feature\/publications\/c\/co\/core-infrastructure-initiative-cii-bestpractices-badge-criteria\/d-8054.ashx"},{"key":"e_1_3_2_1_50_1","volume-title":"How to Prevent the next Heartbleed. Online","author":"Wheeler David A","year":"2014"},{"key":"e_1_3_2_1_51_1","volume-title":"International Cryptographic Module Conference, Ottowa, Ontario. https:\/\/icmconference.org\/wp-content\/uploads\/G12b-White.pdf","author":"White Kenneth","year":"2016"},{"key":"e_1_3_2_1_52_1","volume-title":"Proceedings of the International Workshop on Foundations of Unanticipated Software Evolution. 1--15","author":"Wu Jingwei","year":"2004"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.5555\/3155562.3155575"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2019.00011"}],"event":{"name":"MSR '20: 17th International Conference on Mining Software Repositories","location":"Seoul Republic of Korea","acronym":"MSR '20","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS","SIGAI ACM Special Interest Group on Artificial Intelligence","SIGKDD ACM Special Interest Group on Knowledge Discovery in Data"]},"container-title":["Proceedings of the 17th International Conference on Mining Software Repositories"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3379597.3387465","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3379597.3387465","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:41:20Z","timestamp":1750200080000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3379597.3387465"}},"subtitle":["The Case of OpenSSL"],"short-title":[],"issued":{"date-parts":[[2020,6,29]]},"references-count":53,"alternative-id":["10.1145\/3379597.3387465","10.1145\/3379597"],"URL":"https:\/\/doi.org\/10.1145\/3379597.3387465","relation":{},"subject":[],"published":{"date-parts":[[2020,6,29]]},"assertion":[{"value":"2020-09-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}