Analysis of IT Security aspects in Open Source Software Development
Betreuer/inProf. Dr. Oliver Hinz
ProfessorProf. Dr. Oliver Hinz
Starttermin ab sofort
KurzbeschreibungScope of the thesis depends on type of work (Bachelor- or Masterthesis) The goal of this thesis is to find out more about the economic impact of IT Security issues on developed open source software. As a first step a SourceForge database analysis should deliver necessary data to get a deeper knowledge into the relation of IT Security issues during software development and their impact on the developed product and its maintenance. Exemplary variables to retrieve are security bugs, security feature requests, etc. Also a comparison of developed software and vulnerability databases could provide valuable insights. In this thesis security relevant information should be retrieved from the SourceForge database and their impact on the development process and the deployment should be analyzed. Questions to analyze include: Are relations detectable between security issues and product usage, upgrades and extension mechanisms? Are security relevant trends detectable in development processes? Are there significant differences traceable between different kinds of software? Etc.

Thorough research on open source development and IT Security
Analyze the SourceForge database
Implement a mechanism to retrieve relevant data
Scientifically justify your procedure
Analyze the data and draw conclusions

High motivation and creativity
Good knowledge of and interest in IT Security
Good programing skills
Good experience with reading research papers
EinstiegsliteraturKevin Crowston, Kangning Wei, James Howison, and Andrea Wiggins. 2008. Free/Libre open-source software development: What we know and what we do not know. ACM Comput. Surv. 44, 2, Article 7 (March 2008).
Flore Barcellini, Françoise Détienne, Jean-Marie Burkhardt, and Warren Sack. 2008. A socio-cognitive analysis of online design discussions in an Open Source Software community. Interact. Comput. 20, 1 (January 2008), 141-165.
Eric von Hippel and Georg von Krogh. 2003. Open Source Software and the "Private-Collective" Innovation Model: Issues for Organization Science. Organization Science 14, 2 (March 2003), 209-223.
Walt Scacchi, Thomas A. Alspaugh. Processes in Securing Open Architecture Software Systems, Proc. 2013 Intern. Conf. Software and System Processes, May 2013, San Francisco, CA.