A Decade of Reoccurring Software Weaknesses.

The Common Weakness Enumeration (CWE) community publishes an aggregate metric to calculate the 'Most Dangerous Software Errors.' However, the used equation highly biases frequency over exploitability and impact. We provide a metric to mitigate this bias and discuss the most significant software weaknesses over the last ten years.

Cyber-Physical Human Systems: Putting People in the Loop.

This article outlines the challenge to understand how to integrate people into a new generation of cyber-physical-human systems (CPHSs) and proposes a human service capability description model to help.

Defeating Buffer Overflow: A Trivial but Dangerous Bug.

The C programming language was invented more than 40 years ago. It is infamous for buffer overflows. We have learned a lot about computer science, language design, and software engineering since then. Because it is unlikely that we will stop using C any time soon, we present some ways to deal with BOF. Many of these techniques are also useful for other programing languages and other classes of vulnerabilities.