• Shen Y, Gao X, Sun H and Guo Y. (2024). Understanding vulnerabilities in software supply chains. Empirical Software Engineering. 10.1007/s10664-024-10581-2. 30:1. Online publication date: 1-Feb-2025.

    https://link.springer.com/10.1007/s10664-024-10581-2

  • Papotti A, Paramitha R and Massacci F. (2024). On the acceptance by code reviewers of candidate security patches suggested by Automated Program Repair tools. Empirical Software Engineering. 10.1007/s10664-024-10506-z. 29:5. Online publication date: 1-Sep-2024.

    https://link.springer.com/10.1007/s10664-024-10506-z

  • Kulsum U, Zhu H, Xu B and d'Amorim M. A Case Study of LLM for Automated Vulnerability Repair: Assessing Impact of Reasoning and Patch Validation Feedback. Proceedings of the 1st ACM International Conference on AI-Powered Software. (103-111).

    https://doi.org/10.1145/3664646.3664770

  • Ságodi Z, Antal G, Bogenfürst B, Isztin M, Hegedűs P and Ferenc R. Reality Check: Assessing GPT-4 in Fixing Real-World Software Vulnerabilities. Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering. (252-261).

    https://doi.org/10.1145/3661167.3661207

  • Pan Z, Hu X, Xia X, Zhan X, Lo D and Yang X. PPT4J: Patch Presence Test for Java Binaries. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. (1-12).

    https://doi.org/10.1145/3597503.3639231

  • Zhou X, Kim K, Xu B, Han D and Lo D. Out of Sight, Out of Mind: Better Automatic Vulnerability Repair by Broadening Input Ranges and Sources. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. (1-13).

    https://doi.org/10.1145/3597503.3639222

  • Bui Q, Paramitha R, Vu D, Massacci F and Scandariato R. (2023). APR4Vul: an empirical study of automatic program repair techniques on real-world Java vulnerabilities. Empirical Software Engineering. 29:1. Online publication date: 1-Jan-2024.

    https://doi.org/10.1007/s10664-023-10415-7

  • An G, Kwon M, Choi K, Yi J and Yoo S. (2023). BUGSC++: A Highly Usable Real World Defect Benchmark for C/C++ 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE). 10.1109/ASE56229.2023.00208. 979-8-3503-2996-4. (2034-2037).

    https://ieeexplore.ieee.org/document/10298287/

  • He Y, Chen Z and Le Goues C. (2023). PreciseBugCollector: Extensible, Executable and Precise Bug-Fix Collection: Solution for Challenge 8: Automating Precise Data Collection for Code Snippets with Bugs, Fixes, Locations, and Types 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE). 10.1109/ASE56229.2023.00163. 979-8-3503-2996-4. (1899-1910).

    https://ieeexplore.ieee.org/document/10298528/

  • Xu X, Zhu C and Li Y. (2023). Compsuite: A Dataset of Java Library Upgrade Incompatibility Issues 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE). 10.1109/ASE56229.2023.00127. 979-8-3503-2996-4. (2098-2101).

    https://ieeexplore.ieee.org/document/10298386/

  • Wu Y, Jiang N, Pham H, Lutellier T, Davis J, Tan L, Babkin P and Shah S. How Effective Are Neural Networks for Fixing Security Vulnerabilities. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. (1282-1294).

    https://doi.org/10.1145/3597926.3598135