Measuring security development in information technologies (with D. Percia David, W. Lacube, S. Gillard, T. Maillart, A. Mermoud, and M. Tsesmelis)

We study security-development patterns in computer-science technologies through (i) the security attention among technologies, (ii) the relation between technological change and security development, and (iii) the effect of opinion on security development. We perform a scientometric analysis on arXiv e-prints (𝑛 = 340,569) related to 20 computer-science technology categories. Our contribution is threefold. First, we characterize both processes of technological change and security development: while most technologies follow a logistic-growth process, the security development follows an AR(1) process or a random walk with positive drift. Moreover, over the lifetime of computer-science technologies, the security development surges at a late stage. Second, we document no relation between the technological change and the security development. Third, we identify an inverse relation between security attention and experts’ opinion. Along with these results, we introduce new methods for modeling security-development patterns for broader sets of technologies.