%0 Book Section %B Open Source Software: Mobile Open Source Technologies %D 2014 %T When Are OSS Developers More Likely to Introduce Vulnerable Code Changes? A Case Study %A Bosu, Amiangshu %A Carver, JeffreyC. %A Hafiz, Munawar %A Hilley, Patrick %A Janni, Derek %E Corral, Luis %E Sillitti, Alberto %E Succi, Giancarlo %E Vlasenko, Jelena %E Wasserman, AnthonyI. %K FOSS %K open source %K OSS %K security %K vulnerability %X We analyzed peer code review data of the Android Open Source Project (AOSP) to understand whether code changes that introduce security vulnerabilities, referred to as vulnerable code changes (VCC), occur at certain intervals. Using a systematic manual analysis process, we identified 60 VCCs. Our results suggest that AOSP developers were more likely to write VCCs prior to AOSP releases, while during the post-release period they wrote fewer VCCs. %B Open Source Software: Mobile Open Source Technologies %S IFIP Advances in Information and Communication Technology %I Springer Berlin Heidelberg %V 427 %P 234-236 %@ 978-3-642-55127-7 %U http://dx.doi.org/10.1007/978-3-642-55128-4_37 %R 10.1007/978-3-642-55128-4_37