Working Paper | HBS Working Paper Series | 2017

Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case

by Robert Lagerstrom, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant and Lee Doolan

Abstract

Employing software metrics, such as size and complexity, for predicting defects has been given a lot of attention over the years and has proven very useful. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity) as well as architecture coupling metrics (direct, indirect, and cyclic coupling). Our case is based on the Google Chromium project, an open-source project that has not yet been studied for this topic. Our findings show a strong relationship between vulnerabilities and both component level metrics and architecture coupling metrics. Unfortunately, the effects of different types of coupling are somewhat hard to distinguish.

Keywords: software; architecture; complexity; coupling; vulnerabilities; Software; Complexity; Measurement and Metrics;

Language: English Format: Print 12 pages Read Now

Citation:

Lagerstrom, Robert, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant, and Lee Doolan. "Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case." Harvard Business School Working Paper, No. 17-078, February 2017.

About the Authors

Photo
Carliss Y. Baldwin
William L. White Professor of Business Administration, Emerita

View Profile »
View Publications »

 
Photo
Alan D. MacCormack
MBA Class of 1949 Adjunct Professor of Business Administration
Technology and Operations Management

View Profile »
View Publications »

 
Campus Map
Campus Map
Harvard Business School
Soldiers Field
Boston, MA 02163
Map & Directions
Copyright © President & Fellows of Harvard College