DeepAI AI Chat
Log In Sign Up

A Grounded Theory of the Role of Coordination in Software Security Patch Management

by   Nesara Dissanayake, et al.
The University of Adelaide

Several disastrous security attacks can be attributed to delays in patching software vulnerabilities. While researchers and practitioners have paid significant attention to automate vulnerabilities identification and patch development activities of software security patch management, there has been relatively little effort dedicated to gain an in-depth understanding of the socio-technical aspects, e.g., coordination of interdependent activities of the patching process and patching decisions, that may cause delays in applying security patches. We report on a Grounded Theory study of the role of coordination in security patch management. The reported theory consists of four inter-related dimensions, i.e., causes, breakdowns, constraints, and mechanisms. The theory explains the causes that define the need for coordination among interdependent software and hardware components and multiple stakeholders' decisions, the constraints that can negatively impact coordination, the breakdowns in coordination, and the potential corrective measures. This study provides potentially useful insights for researchers and practitioners who can carefully consider the needs of and devise suitable solutions for supporting the coordination of interdependencies involved in security patch management.


page 1

page 2

page 3

page 4


An Empirical Study of Automation in Software Security Patch Management

Several studies have shown that automated support for different activiti...

A Case Study on Software Vulnerability Coordination

Context: Coordination is a fundamental tenet of software engineering. Co...

Enacting Coordination Processes

With the rise of data-centric process management paradigms, interdepende...

Coordination Technology for Active Support Networks: Context, Needfinding, and Design

Coordination is a key problem for addressing goal-action gaps in many hu...

Understanding confounding effects in linguistic coordination: an information-theoretic approach

We suggest an information-theoretic approach for measuring stylistic coo...