Applicability of the software Security code metrics for Ethereum smart contract using Solidity

Aboua Ange Kevin N'Da*, Santiago Matalonga, Keshav Dahal

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Downloads (Pure)

Abstract

The Ethereum blockchain allows, through software called smart con-tract, to automate the contract execution between multiple parties with-out requiring a trusted middle party. However, smart contracts are vul-nerable to attacks. Tools and programming practices are available to support the development of secure smart contracts. These approaches are effective to mitigate the smart contract vulnerabilities, but the unso-phisticated ecosystem of the smart contract prevents these approaches from being foolproof. Besides, the Blockchain immutability does not allow smart contracts deployed in the Blockchain to be updated. Thus, businesses and developers would develop new contracts if vulnerabili-ties were detected in their smart contracts deployed in Ethereum, which would imply new costs for the business. To support developers and businesses in the smart contract security decision makings, we investi-gate the applicability of the security code metric from non-blockchain into the smart contract domain. We use the Goal Question Metric (GQM) approach to analyze the applicability of these metrics into the smart contract domain based on metric construct and measurement. As a result, we found 15 security code metrics that can be applied to smart contract development.
Original languageEnglish
Title of host publication2021 International Conference on Deep Learning, Big Data and Blockchain (DEEP-BDB)
Publication statusAccepted/In press - 24 May 2021
Event2nd International Conference on Deep Learning, Big Data and Blockchain - Online
Duration: 23 Aug 202125 Aug 2021

Conference

Conference2nd International Conference on Deep Learning, Big Data and Blockchain
Abbreviated titleDEEP-BDB 2021
Period23/08/2125/08/21

Keywords

  • blockchain
  • smart contract
  • empirical software engineering

Fingerprint

Dive into the research topics of 'Applicability of the software Security code metrics for Ethereum smart contract using Solidity'. Together they form a unique fingerprint.

Cite this