MOBILESoft 2022
Tue 17 - Wed 18 May 2022
co-located with ICSE 2022

Vulnerable versions of third party libraries can remain a threat even after a security fix has been published. Developers are hesitant to update dependencies and could unknowingly depend on an outdated vulnerable library version. We developed SwiftDependencyChecker to make data from public vulnerability databases more accessible to Swift developers. SwiftDependencyChecker analyses dependencies declared through CocoaPods, Carthage and Swift PM, queries the NVD database, and shows warnings for used vulnerable library versions in Xcode. Preliminary evaluation of the tool showed that the vulnerability analysis is effective. General feedback from independent developers was encouraging with some improvement potential on performance for the initial analysis of a project.

Wed 18 May

Displayed time zone: Eastern Time (US & Canada) change

10:00 - 11:30
Session 5: Mobile App Qualit and Third-party Software + ClosingTechnical Papers / Plenary / Student Research Competition / Tool Demos and Mobile Apps at MOBILESoft room
Chair(s): Leonardo Mariani University of Milano-Bicocca, Ali Ouni ETS Montreal, University of Quebec
10:00
13m
Paper
SwiftDependencyChecker: Detecting Vulnerable Dependencies Declared Through CocoaPods, Carthage and Swift PM
Tool Demos and Mobile Apps
Kristiina Rahkema University of Tartu, Dietmar Pfahl University of Tartu
Pre-print Media Attached
10:13
8m
Paper
Mobile GUI test script generation from natural language descriptions using pre-trained model
Student Research Competition
Chun Li Nanjing University
10:21
20m
Paper
An empirical study of privacy labels on the Apple iOS mobile app store
Technical Papers
Gian Luca Scoccia University of L'Aquila, Marco Autili University of L'Aquila, Italy, Giovanni Stilo , Paola Inverardi University of L'Aquila
Pre-print
10:41
20m
Paper
Adoption of Third-party Libraries in Mobile Apps: A Case Study on Open-source Android Applications
Technical Papers
Aidan Polese , Yuan Tian Queens University, Kingston, Canada, Safwat Hassan Thompson Rivers University
Pre-print
11:01
19m
Other
Breakout rooms with the authors
Plenary

11:20
10m
Day closing
MOBILESoft Closing
Plenary
Leonardo Mariani University of Milano-Bicocca, Gemma Catolino Tilburg University & ​Jheronimus Academy of Data Science, Mei Nagappan University of Waterloo

Information for Participants