Empirical Software Engineering

Papers
(The median citation count of Empirical Software Engineering is 4. The table below lists those papers that are above that threshold based on CrossRef citation counts [max. 250 papers]. The publications cover those that have been published in the past four years, i.e., from 2022-06-01 to 2026-06-01.)
ArticleCitations
Introduction to the special issue on program comprehension104
TestEvoViz: visualizing genetically-based test coverage evolution88
Consensus task interaction trace recommender to guide developers’ software navigation88
Shaky structures: The wobbly world of causal graphs in software analytics80
Underproduction analysis of open source software71
The human experience of comprehending source code in virtual reality66
Security by documentation? characterizing GitHub SECURITY.md policy and their adoption in Python libraries55
The design space of lockfiles across package managers51
(In)Security of mobile apps in developing countries: a systematic literature review50
Seeing the invisible: test prioritization for object detection system45
Optimal priority assignment for real-time systems: a coevolution-based approach42
Can static analysis tools find more defects?41
Understanding the characteristics and the role of visual issue reports40
Fuzzing-based mutation testing of C/C++ software in cyber-physical systems40
Evaluating software user feedback classifier performance on unseen apps, datasets, and metadata39
An empirical study on the effectiveness of large language models for SATD identification and classification38
More than React: Investigating the Role of Emoji Reaction in GitHub Pull Requests38
Mitigating omitted variable bias in empirical software engineering37
On the adoption and effects of source code reuse on defect proneness and maintenance effort37
Does the first response matter for future contributions? A study of first contributions35
Bugs in machine learning-based systems: a faultload benchmark35
Evaluating few-shot and contrastive learning methods for code clone detection34
Toward effective secure code reviews: an empirical study of security-related coding weaknesses33
A study of documentation for software architecture33
The impact of the COVID-19 pandemic on women’s contribution to public code32
Automated test generation for Scratch programs32
Developers’ perception matters: machine learning to detect developer-sensitive smells32
Cross-status communication and project outcomes in OSS development32
Automatic prediction of rejected edits in Stack Overflow31
On the emergence of testing strategies: A socio-technical grounded theory30
The impact of class imbalance techniques on crashing fault residence prediction models30
BTLink : automatic link recovery between issues and commits based on pre-trained BERT model29
Evaluating the impact of flaky simulators on testing autonomous driving systems29
App review driven collaborative bug finding27
Deep learning techniques to detect cybersecurity attacks: a systematic mapping study26
Output format biases in the evaluation of large language models for code translation26
Maintaining shared understanding of non-functional requirements in small companies using continuous software engineering25
Towards cost-benefit evaluation for continuous software engineering activities24
Analyzing and mitigating (with LLMs) the security misconfigurations of Helm charts from Artifact Hub24
What causes exceptions in machine learning applications? Mining machine learning-related stack traces on Stack Overflow24
Testing the past: can we still run tests in past snapshots for Java projects?24
Collaboration failure analysis in cyber-physical system-of-systems using context fuzzy clustering24
Deep learning based identification of inconsistent method names: How far are we?24
The Influence of Code Comments on the Perceived Helpfulness of Stack Overflow Posts23
Smells in system user interactive tests23
A fine-grained taxonomy of code review feedback in TypeScript projects23
The effect of stereotypes on perceived competence of indigenous software practitioners: a study of dress style in professional photos22
Indentation and reading time: a randomized control trial on the differences between generated indented and non-indented if-statements22
An empirical study of untangling patterns of two-class dependency cycles22
AI support for data scientists: An empirical study on workflow and alternative code recommendations22
A grounded theory of community package maintenance organizations22
A Comprehensive Study of the Lifecycle of Dormant npm Packages21
How far are we with automated machine learning? characterization and challenges of AutoML toolkits21
On combining commit grouping and build skip prediction to reduce redundant continuous integration activity21
An empirical evaluation of a novel domain-specific language – modelling vehicle routing problems with Athos21
A configurable method for benchmarking scalability of cloud-native applications21
An empirical study of the impact of log parsers on the performance of log-based anomaly detection21
Why android app testing falls short: empirical insights from open-source projects and a practitioner survey20
JNFuzz-Droid: a lightweight fuzzing and taint analysis framework for native code of Android applications20
Code reviews in open source projects : how do gender biases affect participation and outcomes?19
How far are app secrets from being stolen? a case study on android19
Static detection of equivalent mutants in real-time model-based mutation testing19
Securing dependencies: A comprehensive study of Dependabot’s impact on vulnerability mitigation19
Scalable hierarchical protocol format inference via feature-heuristic message delimiter19
Quantifying adoption: A SEM study of quantum software technology in software development18
Real world projects, real faults: evaluating spectrum based fault localization techniques on Python projects18
Experimental comparison of features, analyses, and classifiers for Android malware detection18
Understanding practitioners’ reasoning and requirements for efficient tool support in technical debt management18
Advantages and disadvantages of (dedicated) model transformation languages18
The well-being of software engineers: a systematic literature review and a theory17
Lightweight dynamic build batching algorithms for continuous integration17
Patterns of multi-container composition for service orchestration with Docker Compose17
A large-scale empirical study of commit message generation: models, datasets and evaluation17
A metrics-based approach for selecting among various refactoring candidates17
Systematic Evaluation of Deep Learning Models for Log-based Failure Prediction16
An empirical study on the potential of word embedding techniques in bug report management tasks16
ContractFull: a rapid and comprehensive static analysis tool for Ethereum smart contracts16
Engineering recommender systems for modelling languages: concept, tool and evaluation16
Validation of an analyzability model for quantum software: a family of experiments16
Local software buildability across Java versions16
Language usage analysis for EMF metamodels on GitHub15
LineFlowDP: A Deep Learning-Based Two-Phase Approach for Line-Level Defect Prediction15
Common challenges of deep reinforcement learning applications development: an empirical study15
Enhanced SQL error messages facilitate faster error fixing15
Software testing in the machine learning era15
Mastering uncertainty in performance estimations of configurable software systems15
What kinds of contracts do ML APIs need?15
What really changes when developers intend to improve their source code: a commit-level study of static metric value and static analysis warning changes15
Securing LLM-in-the-loop software for empirical study of risks, mitigations, and utility trade-offs in a safety-critical case15
Tools and benchmarks evolve: what is their impact on parameter tuning in SBSE experiments?15
Software product line testing: a systematic literature review15
OpTrans: enhancing binary code similarity detection with function inlining re-optimization14
On the Investigation of Empirical Contradictions - Aggregated Results of Local Studies on Readability and Comprehensibility of Source Code14
Comparing effectiveness and efficiency of Interactive Application Security Testing (IAST) and Runtime Application Self-Protection (RASP) tools in a large java-based system14
RAG-Driven multiple assertions generation with large language models14
When less is more: on the value of “co-training” for semi-supervised software defect predictors14
Can the configuration of static analyses make resolving security vulnerabilities more effective? - A user study14
Semantic matching in GUI test reuse14
Prioritizing test cases for deep learning-based video classifiers14
Test smells 20 years later: detectability, validity, and reliability14
An investigation of online and offline learning models for online Just-in-Time Software Defect Prediction14
Preface to the Special Issue on Security Testing for Complex Software Systems Special Issue 1239 Editorial14
Is GitHub’s Copilot as bad as humans at introducing vulnerabilities in code?14
DRECT: A search-based developer recommendation approach for software crowdsourcing platforms14
Exploring the black box: analysing explainable AI challenges and best practices through stack exchange discussions13
Challenges and practices of deep learning model reengineering: A case study on computer vision13
Program transformation landscapes for automated program modification using Gin13
Classifier or prompt: A case study on legal requirements traceability13
Test schedule generation for acceptance testing of mission-critical satellite systems13
Meta-enhanced code: leveraging structural and functional features for precise cross-modal code search13
Defect prediction using deep learning with Network Portrait Divergence for software evolution13
Toward granular search-based automatic unit test case generation13
SmartFast: an accurate and robust formal analysis tool for Ethereum smart contracts13
Applying bayesian data analysis for causal inference about requirements quality: a controlled experiment13
Semantically-enhanced topic recommendation systems for software projects13
Towards understanding the challenges of bug localization in deep learning systems13
Correction to: Examining ownership models in software teams13
Studying the explanations for the automated prediction of bug and non-bug issues using LIME and SHAP13
Measuring SES-related traits relating to technology usage: Two validated surveys13
Which design decisions in AI-enabled mobile applications contribute to greener AI?13
An exploratory study on fine-tuning large language models for secure code generation13
An empirical study of testing practices in open source AI agent frameworks and agentic applications13
On the spread and evolution of dead methods in Java desktop applications: an exploratory study12
On detection latencies of network intrusion detectors – discussion and application12
DDImage: an image reduction based approach for automatically explaining black-box classifiers12
A zero-shot framework for cross-project vulnerability detection in source code12
A multi-model framework for semantically enhancing detection of quality-related bug report descriptions12
CsmithEdge: more effective compiler testing by handling undefined behaviour less conservatively11
What have we learned? A conceptual framework on New Zealand software professionals and companies’ response to COVID-1911
Experimental Evaluation of a Checklist-Based Inspection Technique to Verify the Compliance of Software Systems with the Brazilian General Data Protection Law11
Automated detection of algorithm debt in deep learning frameworks: an empirical study11
Implicit security requirements classification with large language models using the OWASP application security verification standard: a shift-left approach11
Fixing Dockerfile smells: an empirical study11
CyberSAGE: The cyber security argument graph evaluation tool11
Identifying performance-sensitive configurations in software systems with LLM-based agents11
Modeling function-level interactions for file-level bug localization11
Styler: learning formatting conventions to repair Checkstyle violations11
KPIRoot+: An efficient integrated framework for anomaly detection and root cause analysis in large-scale cloud systems11
Unveiling overlooked performance variance in serverless computing11
Demystifying API misuses in deep learning applications11
When uncertainty leads to unsafety: Empirical insights into the role of uncertainty in unmanned aerial vehicle safety11
APR4Vul: an empirical study of automatic program repair techniques on real-world Java vulnerabilities11
Seeing confusion through a new lens: on the impact of atoms of confusion on novices’ code comprehension11
A controlled experiment on the impact of microtasking on programming11
A fine-grained evaluation of mutation operators to boost mutation testing for deep learning systems11
A fine-grained data set and analysis of tangling in bug fixing commits11
How challenging it is to identify real code authors: an empirical study11
Static analysis driven enhancements for comprehension in machine learning notebooks11
Learning to Predict Code Review Completion Time In Modern Code Review11
Cross-project defect prediction via semantic and syntactic encoding11
Towards automatic labeling of exception handling bugs: A case study of 10 years bug-fixing in Apache Hadoop11
Understanding and effectively mitigating code review anxiety10
Investigating cross-market android apps: Security, protection, and components10
Studying differentiated code to support smart contract update10
Explainable automated debugging via large language model-driven scientific debugging10
From guidelines to practice: assessing Android app developer compliance with google’s security recommendations10
A qualitative study of developers’ discussions of their problems and joys during the early COVID-19 months10
Navigating fairness: practitioners’ understanding, challenges, and strategies in AI/ML development10
Model vs system level testing of autonomous driving systems: a replication and extension study10
Automatic bi-modal question title generation for Stack Overflow with prompt learning10
Agile software development one year into the COVID-19 pandemic10
Predicting merge conflicts considering social and technical assets10
Detecting data manipulation errors in android applications using scene-guided exploration10
Towards understanding quality challenges of the federated learning for neural networks: a first look from the lens of robustness10
ComPass: Contrastive Learning for Automated Patch Correctness Assessment in Program Repair10
Story points changes in agile iterative development10
Studying the characteristics of AIOps projects on GitHub10
Assessing the exposure of software changes10
Detecting API compatibility issues of android applications based on screen transition graphs10
Empirically evaluating flaky test detection techniques combining test case rerunning and machine learning models10
Transformer-based code model with compressed hierarchy representation10
Silent bugs in deep learning frameworks: an empirical study of Keras and TensorFlow10
A qualitative study on refactorings induced by code review10
Refactoring practices in the context of data-intensive systems10
An empirical study on developers’ shared conversations with ChatGPT in GitHub pull requests and issues10
Hyperfuzzing: black-box security hypertesting with a grey-box fuzzer9
Can search-based testing with pareto optimization effectively cover failure-revealing test inputs?9
An empirical study of the systemic and technical migration towards microservices9
Decoupling in AI ethics: Learning how to walk the talk9
GenCode: A generic data augmentation framework for boosting deep learning-based code understanding9
What characteristics make ChatGPT effective for software issue resolution? An empirical study of task, project, and conversational signals in GitHub issues9
IRJIT: A simple, online, information retrieval approach for just-in-time software defect prediction9
How programmers find online learning resources9
Understanding refactorings in Elixir functional language9
On the assignment of commits to releases9
Can generative AI bridge the gap? A quasi-experimental study of non-programmers with AI vs. programmers without AI9
An efficient model maintenance approach for MLOps9
Developers and generative AI: A study of self-admitted usage in open source projects9
Leveraging large language models for sentiment analysis in GitHub pull request discussions9
The whos, whats, and whys of issues related to personal data and data protection in open-source projects on GitHub9
Peer-aided repairer: empowering large language models to repair advanced student assignments9
Software selection in large-scale software engineering: A model and criteria based on interactive rapid reviews9
“What really happened to my models?” Extending co-evolution with cross-layer traceability in metamodel-model histories9
Evaluating pre-trained models for user feedback analysis in software engineering: a study on classification of app-reviews9
Extracting enhanced artificial intelligence model metadata from software repositories9
Industrial adoption of machine learning techniques for early identification of invalid bug reports9
Come for syntax, stay for speed, write secure code: an empirical study of security weaknesses in Julia programs9
Toward a theory on programmer’s block inspired by writer’s block9
Correction to: Why do companies create and how do they succeed with a vendor-led open source foundation9
CMF-Vul: Advancing automated vulnerability detection via contrastive multimodal fusion and challenge-driven representation learning9
Investigating user feedback from a crowd in requirements management in software ecosystems8
Machine learning-based test smell detection8
Multi-granular software annotation using file-level weak labelling8
A comprehensive study of machine learning techniques for log-based anomaly detection8
ROBUST: 221 bugs in the Robot Operating System8
A multi-objective effort-aware approach for early code review prediction and prioritization8
On the suitability of hugging face hub for empirical studies8
Continuance use of AI coding assistants among South Korean Industry Developers: A survey case study with large language models8
Software reconfiguration in robotics8
What makes a code review useful to OpenDev developers? An empirical investigation8
Quality issues in machine learning software systems8
Deep learning approaches for bad smell detection: a systematic literature review8
Correction to: Utilization of pre-trained language models for adapter-based knowledge transfer in software engineering8
Improving hardware/software interface management in systems of systems through documentation as code8
On the acceptance by code reviewers of candidate security patches suggested by Automated Program Repair tools8
A longitudinal explanatory case study of coordination in a very large development programme: the impact of transitioning from a first- to a second-generation large-scale agile development method8
Quantum circuit mutants: Empirical analysis and recommendations8
The making of accessible Android applications: an empirical study on the state of the practice8
Correction to: Advantages and disadvantages of (dedicated) model transformation languages8
Does code review speed matter for practitioners?8
SparseCoder: Advancing source code analysis with sparse attention and learned token pruning8
Automated detection, categorisation and developers’ experience with the violations of honesty in mobile apps8
“I see models being a whole other thing”: an empirical study of pre-trained model naming conventions and a tool for enhancing naming consistency8
Bringing it home: successful backsourcing of software development in the public sector8
A multi-language perspective on the robustness of LLM code generation8
Ethics in AI through the practitioner’s view: a grounded theory literature review8
Just-in-Time crash prediction for mobile apps8
WIA-SZZ: Work item aware SZZ8
Peer code review in research software development: The research software engineer perspective7
Less is more: usefulness of data flow diagrams and large language models for security threat validation7
Guiding principles for mixed methods research in software engineering7
A systematic review on smart contracts security design patterns7
eBPF-Guard: a detection method for container escape via multi-level monitoring and enhanced analysis model7
Opportunities and security risks of technical leverage: A replication study on the NPM ecosystem7
An eye tracking study assessing source code readability rules for program comprehension7
Integrating human values in software development using a human values dashboard7
Immutable in principle, upgradeable by design: exploratory study of smart contract upgradeability7
LegiCode: A blockchain-legal LLM framework for real-time compliance in smart contract generation7
The role of psychological safety in promoting software quality in agile teams7
Cross-project defect prediction based on transfer graph convolutional network7
Predicting Post-release Defects with Knowledge Units (KUs) of Programming Languages: An Empirical Study7
Investigating developers’ perception on software testability and its effects7
Do I really need all this work to find vulnerabilities?7
Developer discussion topics on the adoption and barriers of low code software development platforms7
Technical leverage analysis in the Python ecosystem7
Design smells in multi-language systems and bug-proneness: a survival analysis7
Vulnerabilities in infrastructure as code: what, how many, and who?7
MPDA: a data augmentation approach to improve deep learning for software vulnerability detection7
Detection, classification and prevalence of self-admitted aging debt7
Detecting outdated code element references in software repository documentation7
0.71241188049316