AutoMetric: Towards Measuring Open-Source Software Quality Metrics Automatically (AST 2023)

Who

Taejun Lee, Heewon Park, Heejo Lee

Track

AST 2023

Time Zone

The program is currently displayed in (GMT+10:00) Hobart.

Use conference time zone: (GMT+10:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 15 May 2023 13:45 - 14:07 at Meeting Room 107 - Metrics and Benchmarks

Abstract

These days, a significant portion of open-source software (OSS) is necessary to develop a software. There has been a few measurement that can verify safety of OSS, but technologies for automation are insufficient. To address this problem, we propose AutoMetric, an automatic tool for measuring security metrics of OSS in repository level. Using AutoMetric which only collects repository address of the project, it is possible to inspect many projects at once regardless of its size and scope. AutoMetric contains five metrics: Mean Time to Update (MU), Mean Time to Commit (MC), Number of Contributors (NC), Inactive Period (IP), and Branch Protection (BP). These indicators can be calculated quickly even if the source code changes. By comparing metrics in AutoMetric with 2,675 reported vulnerabilities in GitHub Advisory Database (GAD), the result shows that the more frequent updates and commits and the shorter the inactivity period, the more vulnerabilities were found.

Taejun Lee

Korea University

South Korea

Heewon Park

Korea University

South Korea

Heejo Lee

Korea University

South Korea

Time Zone

The program is currently displayed in (GMT+10:00) Hobart.

Use conference time zone: (GMT+10:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 15 May
Displayed time zone: Hobart change

13:45 - 15:15	Metrics and BenchmarksAST 2023 at Meeting Room 107

13:45 22m Talk		AutoMetric: Towards Measuring Open-Source Software Quality Metrics Automatically AST 2023 Taejun Lee Korea University, Heewon Park Korea University, Heejo Lee Korea University
14:07 22m Talk		Learning to Learn to Predict Performance Regressions in Production at Meta AST 2023 Moritz Beller Meta Platforms, Inc., USA, Hongyu Li Liquido, Vivek Nair Meta Platforms, Inc., Vijayaraghavan Murali Meta Platforms, Inc., Imad Ahmad Meta Platforms, Inc., Jürgen Cito TU Wien, Drew Carlson Ex-Meta Platforms, Inc., Gareth Ari Aye Meta Platforms, Inc., Wes Dyer Meta Platforms, Inc. Pre-print
14:30 22m Talk		SourceWarp: A scalable, SCM-driven testing and benchmarking approach to support data-driven and agile decision making for CI/CD tools and DevOps platforms AST 2023 Julian Thome GitLab Inc., James Johnson --, Isaac Dawson GitLab Inc., Dinesh Bolkensteyn GitLab Inc., Michael Henriksen GitLab Inc., Mark Art GitLab Inc.
14:52 22m Talk		Structural Test Input Generation for 3-Address Code Coverage Using Path-Merged Symbolic Execution AST 2023 Soha Hussein University of Minnesota, USA / Ain Shams University, Egypt, Stephen McCamant University of Minnesota, USA, Elena Sherman Boise State University, Vaibhav Sharma Amazon, Michael Whalen Amazon Web Services and the University of Minnesota