ICSE 2023
Sun 14 - Sat 20 May 2023 Melbourne, Australia
Fri 19 May 2023 16:15 - 16:30 at Meeting Room 110 - Software ecosystems Chair(s): Sebastian Baltes

The rapid growth of software supply chain attacks has attracted considerable attention to the software bill of materials (SBOM). An SBOM is a crucial building block for ensuring the transparency of software supply chains, which helps improve software supply chain security. Although there are significant efforts from academia and industry to facilitate SBOM development, it is still unclear how practitioners perceive SBOMs and what the challenges of adopting SBOMs in practice are. To bridge this gap, we performed the first empirical study to interview and survey SBOM practitioners. We applied a mixed qualitative and quantitative method to gather data from 17 interviewees and 65 survey respondents from 15 countries across five continents to understand how practitioners perceive the SBOM field. We summarized 26 statements and grouped them into three topics on SBOM’s states of practice. Based on the study results, we derived a goal model and highlighted future directions where practitioners can put in their effort.

Fri 19 May

Displayed time zone: Hobart

15:45 - 17:15
15:45
7m
Talk
Upstream Bug Management in Linux Distributions - An Empirical Study of Debian and Fedora Practices
Journal-First Papers
Jiahuei Lin Queen’s University Software Analysis and Intelligence Lab (SAIL), Canada, Haoxiang Zhang Centre for Software Excellence at Huawei Canada, Bram Adams Queen's University, Kingston, Ontario, Ahmed E. Hassan Queen’s University
15:52
7m
Vision and Emerging Results
Treat societally impactful scientific insights as open-source software artifacts
SEIS - Software Engineering in Society
Cynthia C. S. Liem Delft University of Technology, Andrew M. Demetriou Delft University of Technology
Pre-print
16:00
15m
Talk
Rules of Engagement: Why and How Companies Participate in OSS
Technical Track
Mariam Guizani Oregon State University, Aileen Abril Castro-Guzman Oregon State University, Anita Sarma Oregon State University, Igor Steinmacher Northern Arizona University
Pre-print
16:15
15m
Paper
An Empirical Study on Software Bill of Materials: Where We Stand and the Road Ahead
Technical Track
Boming Xia CSIRO's Data61 & University of New South Wales, Tingting Bi Data61, CSIRO, Zhenchang Xing, Qinghua Lu CSIRO’s Data61, Liming Zhu CSIRO’s Data61
Pre-print
16:30
15m
Talk
Open Source Software Onboarding as a University Course: An Experience Report
SEET - Software Engineering Education and Training
Hao He Peking University, Minghui Zhou Peking University, Qingye Wang Peking University, China, Jingyue Li Norwegian University of Science and Technology
Pre-print
16:45
15m
Talk
An Empirical Study of License Conflict in Free and Open Source Software
SEIP - Software Engineering in Practice
Xing Cui Institute of Software, Chinese Academy of Sciences, Jingzheng Wu Institute of Software, The Chinese Academy of Sciences, Yanjun Wu Institute of Software, Chinese Academy of Sciences, Xu Wang Institute of Software, Chinese Academy of Sciences, Tianyue Luo, Sheng Qu Institute of Software, Chinese Academy of Sciences, Xiang Ling Institute of Software, Chinese Academy of Sciences, Mutian Yang
17:00
7m
Talk
LicenseRec: Knowledge based Open Source License Recommendation for OSS Projects
DEMO - Demonstrations
Weiwei Xu Peking University, Xin Wu Peking University, Runzhi He Peking University, Minghui Zhou Peking University
Pre-print
17:07
7m
Talk
Will you come back to contribute? Investigating the inactivity of OSS core developers in GitHub
Journal-First Papers
Fabio Calefato University of Bari, Marco Gerosa Northern Arizona University, Giuseppe Iaffaldano University of Bari, Filippo Lanubile University of Bari, Igor Steinmacher Northern Arizona University
Link to publication DOI Pre-print