By Jeffrey Day
Raúl Aranovich, an associate professor of linguistics at UC Davis, is using his knowledge of language structure and theory on a project to identify programmers most likely to write vulnerable code.
“There’s this big debate whether an author leaves a quantitative fingerprint on his or her work. It could be from things like average sentence length or how many adverbs you include in your writing or your speech,” Aranovich said.
“We are looking at open-source software communities where developers collaborate online. Because all collaboration is online there’s a lot of language involved, and also a lot of code that’s being exchanged. We’re trying to see what the social dynamics of programmers are around their style for coding and their linguistic style. Once we identify these linguistic profiles within the group and we understand the group dynamics then we can find which programmers are more prone to writing vulnerable code.”