ISSTA 2025
Wed 25 - Sat 28 June 2025 Trondheim, Norway
co-located with FSE 2025
Fri 27 Jun 2025 11:50 - 12:05 at Cosmos Hall - Empirical Studies Chair(s): Miryung Kim

Modern software development often uses third-party libraries and frameworks to enhance productivity and reduce costs. As a result, software supply chain begins to take shape, with its potential risks gradually becoming apparent. To improve the traceability and transparency of the software supply chain and mitigate potential risks, the concept of Software Bill of Materials (SBOM) was introduced. While extensive research has been conducted on SBOMs for programming language ecosystems, there is a scarcity of research focused on Linux distributions. Given the fundamental role and complexity of Linux distributions, it is critical but challenging to generate high-quality SBOMs for them. To address this issue, this paper conducts two-phase work: 1) Through analyzing the characteristics of Linux distribution packages, we propose a multi-stage SBOM model specific to them; 2) Based on the SBOM model, we design and implement a tool for generating Linux distribution package SBOMs. The evaluation results indicate that our approach outperforms the state-of-the-art SBOM generation tool.

Fri 27 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

11:00 - 12:05
Empirical StudiesTool Demonstrations / Research Papers at Cosmos Hall
Chair(s): Miryung Kim UCLA and Amazon Web Services
11:00
25m
Talk
Fixing Outside the Box: Uncovering Tactics for Open-Source Security Issue Management
Research Papers
Lyuye Zhang Nanyang Technological University, Wu Jiahui , Chengwei Liu Nanyang Technological University, Kaixuan Li Nanyang Technological University, Xiaoyu Sun Australian National University, Australia, Lida Zhao Nanyang Technological University, Chong Wang Nanyang Technological University, Yang Liu Nanyang Technological University
DOI
11:25
25m
Talk
More Effective JavaScript Breaking Change Detection via Dynamic Object Relation Graph
Research Papers
Dezhen Kong Zhejiang University, Jiakun Liu Singapore Management University, Chao Ni Zhejiang University, David Lo Singapore Management University, Lingfeng Bao Zhejiang University
DOI
11:50
15m
Demonstration
LiPSBOMaker: A Prototype of Multi-Stage Linux Distribution Package SBOM Generator
Tool Demonstrations
Tong Qiu , Jiaxin Zhu Institute of Software at Chinese Academy of Sciences, Wei Chen Institute of Software at Chinese Academy of Sciences, Jun Wei Institute of Software at Chinese Academy of Sciences; University of Chinese Academy of Sciences

Information for Participants
Fri 27 Jun 2025 11:00 - 12:05 at Cosmos Hall - Empirical Studies Chair(s): Miryung Kim
Info for room Cosmos Hall:

This is the main event hall of Clarion Hotel, which will be used to host keynote talks and other plenary sessions. The FSE and ISSTA banquets will also happen in this room.

The room is just in front of the registration desk, on the other side of the main conference area. The two large doors with numbers “1” and “2” provide access to the Cosmos Hall.

:
:
:
: