Faculty & Research
Publications
Publications

Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case

By: Robert Lagerstrom, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant and Lee Doolan
  • Format:Print
  • | Language:English
  • | Pages:12
ShareBar

Abstract

Employing software metrics, such as size and complexity, for predicting defects has been given a lot of attention over the years and has proven very useful. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity) as well as architecture coupling metrics (direct, indirect, and cyclic coupling). Our case is based on the Google Chromium project, an open-source project that has not yet been studied for this topic. Our findings show a strong relationship between vulnerabilities and both component level metrics and architecture coupling metrics. Unfortunately, the effects of different types of coupling are somewhat hard to distinguish.

Keywords

Architecture; Coupling; Vulnerabilities; Software; Complexity; Measurement and Metrics

Citation

Lagerstrom, Robert, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant, and Lee Doolan. "Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case." Harvard Business School Working Paper, No. 17-078, February 2017.

About The Authors

Carliss Y. Baldwin

More Publications

Alan D. MacCormack

Technology and Operations Management
More Publications

More from the Authors