Applicability of the software security code metrics for Ethereum smart contract using solidity

Aboua Ange Kevin N'Da*, Santiago Matalonga, Keshav Dahal

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Citation (Scopus)
108 Downloads (Pure)

Abstract

The Ethereum blockchain allows, through software called smart contract, to automate the contract execution between multiple parties without requiring a trusted middle party. However, smart contracts are vulnerable to attacks. Tools and programming practices are available to support the development of secure smart contracts. These approaches are effective to mitigate the smart contract vulnerabilities, but the unsophisticated ecosystem of the smart contract prevents these approaches from being foolproof. Besides, the Blockchain immutability does not allow smart contracts deployed in the Blockchain to be updated. Thus, businesses and developers would develop new contracts if vulnerabilities were detected in their smart contracts deployed in Ethereum, which would imply new costs for the business. To support developers and businesses in the smart contract security decision makings, we investigate the applicability of the security code metric from non-blockchain into the smart contract domain. We use the Goal Question Metric (GQM) approach to analyze the applicability of these metrics into the smart contract domain based on metric construct and measurement. As a result, we found 15 security code metrics that can be applied to smart contract development.
Original languageEnglish
Title of host publicationThe International Conference on Deep Learning, Big Data and Blockchain, Deep-BDB 2021
EditorsIrfan Awan, Salima Benbernou, Muhammad Younas, Markus Aleksy
PublisherSpringer
Pages106-119
Number of pages14
ISBN (Print)9783030843366
DOIs
Publication statusPublished - 2022
Event2nd International Conference on Deep Learning, Big Data and Blockchain - Online
Duration: 23 Aug 202125 Aug 2021

Publication series

NameLecture Notes in Networks and Systems
Volume309
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389

Conference

Conference2nd International Conference on Deep Learning, Big Data and Blockchain
Abbreviated titleDEEP-BDB 2021
Period23/08/2125/08/21

Keywords

  • blockchain
  • smart contract
  • empirical software engineering

Fingerprint

Dive into the research topics of 'Applicability of the software security code metrics for Ethereum smart contract using solidity'. Together they form a unique fingerprint.

Cite this