Publications
Dissertation
P. Morrison “A Security Practices Evaluation Framework”, PhD thesis, North Carolina State University, in prep.
Conference Papers
Surveying Security Practice Adherence in Software Development
P. Morrison, B. Smith, L. Williams, “Surveying Security Practice Adherence in Software Development”, 4th Symposium and Bootcamp on the Science of Security (HotSoS), Hanover, MD, 2017
Veteran Developers’ Contributions and Motivations: An Open Source Perspective
P. Morrison, R. Pandita, E. Murphy-Hill, Anne McLaughlin, “Veteran Developers’ Contributions and Motivations: An Open Source Perspective”, IEEE Symposium on Visual Languages and Human-Centric Computing 2016, Cambridge, UK.
Challenges in the Practical Use of Vulnerability Prediction Models
P. Morrison, K. Herzig, B. Murphy, L. Williams, “Challenges in the Practical Use of Vulnerability Prediction Models ”, 2nd Symposium and Bootcamp on the Science of Security (HotSoS), Urbana- Champaign, IL, 2015
Approximating Attack Surfaces with Stack Traces
Chris Theisen, Kim Herzig, Pat Morrison, Brendan Murphy, and Laurie Williams, “Approximating Attack Surfaces with Stack Traces”, in Companion Proceedings of the 37th International Conference on Software Engineering. | PDF
Proposing Regulatory-Driven Automated Test Suite
Best Paper. P. Morrison, C. Holmgreen, A. Massey, L. Williams, “Proposing Regulatory-Driven Automated Test Suites”, Agile 2013, Nashville, TN, 2013 pp 11-21.
Workshop Papers
Measuring Security Practice Use: A Case Study at IBM
P. Morrison, B. Smith, L. Williams, “Measuring Security Practice Use: A Case Study at IBM”, Proceedings of the 5th International Workshop on Conducting Empirical Studies in Industry (CESI 2017), Buenos Aires, Argentina, 2017
A Security Practices Evaluation Framework
P. Morrison “A Security Practices Evaluation Framework”, Doctoral Symposium, International Conference on Software Engineering, Software Engineering in Practice track, Florence, Italy, 2015 pp. 935-938
Is Programming Knowledge Related to Age? An Exploration of StackOverflow
P. Morrison, E. Murphy-Hill, “Is Programming Knowledge Related to Age? An Exploration of StackOverflow”, 10th Working Conference on Mining Software Repositories, Mining Challenge Track, San Francisco, CA, 2013. Pp 69-72.
Proposing Regulatory-Driven Automated Test Suites for Electronic Health Record Systems
P. Morrison, L. Williams, C. Holmgreen, A. Massey, “Proposing Regulatory-Driven Automated Test Suites for Electronic Health Record Systems”, 3rd Workshop on Software Engineering in Health Care, International Conference on Software Engineering (ICSE) 2013, San Francisco, CA, 2013 pp. 46-49
Stat! – An Interactive Analytics Environment for Big Data
M. Barnett, B. Chandramouli, R. DeLine, S. Drucker, D. Fisher, J. Goldstein, J. Platt, P. Morrison, “Stat! – An Interactive Analytics Environment for Big Data”, ACM SIGMOD International Conference on Management of Data, New York, NY, June 2013 pp. 1013-1016
An Analysis of HIPAA Breach Data
P. Morrison, L. Williams, “An Analysis of HIPAA Breach Data”, HealthSec ’12 Proceedings of the 3rd USENIX conference on Health Security and Privacy, Bellevue, WA, 2012
The Credentials pattern
P. Morrison and E.B.Fernandez, “The Credentials pattern”, Proceedings of the 13th Conference on Pattern Languages of Programs, PLoP 2006, Portland, OR, October 21-23, 2006,
Securing the Broker pattern
P. Morrison and E.B.Fernandez, “Securing the Broker pattern”, Proceedings of the 11th European Conf. on Pattern Languages of Programs (EuroPLoP 2006), Irsee, Germany, July 5-9, 2006.
Book Chapters
The Credentials Pattern
P. Morrison, E.B. Fernandez, “The Credentials Pattern”, “Security Patterns in Practice: Designing Secure Architectures Using Software Patterns”, Wiley, 2013.
Securing the Broker pattern
P. Morrison and E.B.Fernandez, “Securing the Broker pattern”, “Security Patterns in Practice: Designing Secure Architectures Using Software Patterns”, Wiley, 2013.
Other
Model-Driven Architecture and the Secure Systems Methodology
P. Morrison, “Model-Driven Architecture and the Secure Systems Methodology”, Master’s Thesis, Florida Atlantic University, 2007
Work In Progress
Are Vulnerabilities Discovered and Resolved like Other Defects?
P. Morrison, R. Pandita, X. Xiao, R. Chillarege, L. Williams, “Are Vulnerabilities Discovered and Resolved like Other Defects?”, submitted to ‘Empirical Software Engineering’
A Systematic Mapping Study of Security Metrics for Software Development
P. Morrison, D. Moye, R. Pandita, L. Williams, “A Systematic Mapping Study of Security Metrics for Software Development”, in preparation for ‘Information and Software Technology’.