Laurie Williams

Laurie's Google Scholar profile
Laurie's DBLP page

2020

Mahdavi-Hazaveh, R., Dremann, J., and Williams, L. : "Software Development with Feature Toggles: Practices Used by Practitioners", Empirical Software Engineering journal, to appear.
Rahman, A., Parnin, C., and Williams, L. "Security Smells in Ansible and Chef Scripts: A Replication Study", ACM Transactions on Software Engineering (TOSEM), to appear.
Rahman, R., Mahdavi-Hazaveh, R., and Williams, L. : A Literature Review on Mining Cyberthreat Intelligence from Unstructured Texts, Workshop on Deep Learning for Cyber Threat Intelligence (DL-CTI) at IEEE International Conference on Data Mining (ICDM'20), to appear
Rahman, A., Farhana, E., and Williams, L. : The 'as Code' Activities: Development Anti-patterns for Infrastructure as Code, Empirical Software Engineering journal, 25, pp. 3430- 3467, 2020
Hui Guo, Ozgur Kafali, Anne-Liz Jeukeng, Laurie Williams, Munindar P. Singh: Çorba: crowdsourcing to obtain requirements from regulations and breaches. Empirical Software Engineering 25(1): 532-561 (2020)
Christopher Theisen, Laurie Williams: Better together: Comparing vulnerability prediction models. Inf. Softw. Technol. 119 (2020)
Mehdi Mirakhorli, Matthias Galster, Laurie Williams: Understanding Software Security from Design to Deployment. ACM SIGSOFT Software Engineering Notes 45(2): 25-26 (2020)
Rahman, A., Farhana, E., Parnin, C., Laurie Williams: Gang of Eight: A Defect Taxonomy for Infrastructure as Code Scripts, International Conference on Software Engineering (ICSE) 2020, Seoul, South Korea
Rahman, R., Enck, W., Williams, L., : Do Configuration Management Tools Make Systems More Secure? An Empirical Research Plan, HotSoS 2020 Poster, Lawrenceville, KS
Williams, L. at al., Continuous Deployment Transitions at Scale, in Tools and Techniques for Software Development in Large Organizations: Emerging Research and Opportunities, Vishnu Pendyala, ed. IGI Global, 2020.

2019

Laurie Williams: Science Leaves Clues. IEEE Secur. Priv. 17(5): 4-6 (2019)
Inger Anne Tøndel, Martin Gilje Jaatun, Daniela Soares Cruzes, Laurie Williams: Collaborative security risk estimation in agile software development. Inf. Comput. Secur. 27(4) (2019)
Akond Rahman, Rezvan Mahdavi-Hezaveh, Laurie Williams: A systematic mapping study of infrastructure as code research. Inf. Softw. Technol. 108: 65-77 (2019)
Akond Rahman, Laurie Williams: Source code properties of defective infrastructure as code scripts. Inf. Softw. Technol. 112: 148-163 (2019)
Nuthan Munaiah, Akond Rahman, Justin Pelletier, Laurie Williams, Andrew Meneely: Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition. ESEM 2019: 1-6
Akond Rahman, Laurie Williams: A bird's eye view of knowledge needs related to penetration testing. HotSoS 2019: 9:1-9:2
Nasif Imtiaz, Laurie Williams: A synopsis of static analysis alerts on open source software. HotSoS 2019: 12:1-12:3
Akond Rahman, Chris Parnin, Laurie Williams: The seven sins: security smells in infrastructure as code scripts. ICSE 2019: 164-175 ACM Distinguished Paper
Md. Rayhanur Rahman, Akond Rahman, Laurie Williams: Share, But be Aware: Security Smells in Python Gists. ICSME 2019: 536-540
Nasif Imtiaz, Brendan Murphy, Laurie Williams: How Do Developers Act on Static Analysis Alerts? An Empirical Study of Coverity Usage. ISSRE 2019: 323-333
Nasif Imtiaz, Akond Rahman, Effat Farhana, Laurie Williams: Challenges with responding to static analysis tool alerts. MSR 2019: 245-249
Rui Shu, Tianpei Xia, Laurie Williams, Tim Menzies: Better Security Bug Report Classification via Hyperparameter Optimization. CoRR abs/1905.06872 (2019)
Rezvan Mahdavi-Hezaveh, Jacob Dremann, Laurie Williams: Feature Toggle Driven Development: Practices usedby Practitioners. CoRR abs/1907.06157 (2019)
Akond Rahman, Md. Rayhanur Rahman, Chris Parnin, Laurie Williams: Security Smells in Infrastructure as Code Scripts. CoRR abs/1907.07159 (2019)
Rui Shu, Tianpei Xia, Jianfeng Chen, Laurie Williams, Tim Menzies: Improved Recognition of Security Bugs via Dual Hyperparameter Optimization. CoRR abs/1911.02476 (2019)

2018

Patrick Morrison, Rahul Pandita, Xusheng Xiao, Ram Chillarege, Laurie Williams: Are vulnerabilities discovered and resolved like other defects? Empirical Software Engineering 23(3): 1383-1421 (2018)
Morrison, P., Moye, D., Pandita, R., Williams, L. Mapping the Field of Software Development Security Metrics, Information and Software Technology, Vol 102, October 2018, pp. 146-159, https://doi.org/10.1016/j.infsof.2018.05.011.
Christopher Theisen, Nuthan Munaiah, Mahran Al-Zyoud, Jeffrey C. Carver, Andrew Meneely, Laurie Williams: Attack surface definitions: A systematic literature review. Inf. Softw. Technol. 104: 94-103 (2018)
Laurie Williams, Gary McGraw, Sammy Migues: Engineering Security Vulnerability Prevention, Detection, and Response. IEEE Softw. 35(5): 76-80 (2018)
Nuthan Munaiah, Akond Rahman, Justin Pelletier, Laurie Williams, Andrew Meneely: Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition. ESEM 2019: 1-6
Sarah Elder, Anna Mattapallil, Laurie Williams: A comparative analysis of manual methods for analyzing security requirements in regulatory documents: POSTER. HotSoS 2018: 13:1
Christopher Theisen, Laurie Williams: How bad is it, really? an analysis of severity scores for vulnerabilities: poster. HotSoS 2018: 20:1
Hui Guo, Özgür Kafali, Anne-Liz Jeukeng, Laurie Williams, Munindar P. Singh: Toward extraction of security requirements from text: poster. HotSoS 2018: 27:1
Akond Rahman, Asif Partho, Patrick Morrison, Laurie Williams: What questions do programmers ask about configuration as code? RCoSE@ICSE 2018: 16-22
Akond Rahman, Jonathan Stallings, Laurie Williams: Defect prediction metrics for infrastructure as code scripts in DevOps. ICSE (Companion Volume) 2018: 414-415
Patrick Morrison, Tosin Daniel Oyetoyan, Laurie Williams: Identifying security issues in software development: are keywords enough? ICSE (Companion Volume) 2018: 426-427
Akond Rahman, Laurie Williams: Characterizing Defective Configuration Scripts Used for Continuous Deployment. ICST 2018: 34-45
Christopher Theisen, Hyunwoo Sohn, Dawson Tripp, Laurie Williams: BP: Profiling Vulnerabilities on the Attack Surface. SecDev 2018: 110-119
Akond Rahman, Rezvan Mahdavi-Hezaveh, Laurie Williams: Where Are The Gaps? A Systematic Mapping Study of Infrastructure as Code Research. CoRR abs/1807.04872 (2018)
Akond Rahman, Sarah Elder, Faysal Hossain Shezan, Vanessa Frost, Jonathan Stallings, Laurie Williams: Categorizing Defects in Infrastructure as Code. CoRR abs/1809.07937 (2018)
Akond Rahman, Laurie Williams: Source Code Properties of Defective Infrastructure as Code Scripts. CoRR abs/1810.09605 (2018)

2017

Kevic, K., C., Murphy, Williams, L., Beckman, J., Characterizing Experimentation in Continuous Deployment: A Case Study on Bing, International Conference on Software Engineering (ICSE) Software Engineering in Practice (SEIP) 2017, Buenos Aires, Argentina, DOI: 10.1109/ICSE-SEIP.2017.19.

Rahman, A., Partho, A., Meder, D., and Williams, L., Which Factors Influence Usage of Build Automation Tools? International Conference on Software Engineering (ICSE), 3rd International Workshop on Rapid Continuous Software Engineering (RCoSE) 2017, Buenos Aires, Argentina, pp. 20-26.
Parnin, C., Helms, E, Atlee, C., Boughton, H., Ghattas, M., Glover, A., Holman, J., Micco, J., Murphy, B., Savor, T., Stumm, M., Whitaker, S., Williams, L., Top 10 Adages in Continuous Deployment, IEEE Software, Vol. 34, Issue 3, May-June 2017, pp. 86 - 95.
Kafali, O., Jones, J., Petruso, M., Williams, L. and Singh, M., How Good is a Security Policy against Real Breaches? A HIPAA Case Study, International Conference on Software Engineering (ICSE) 2017, Buenos Aires, Argentina, DOI: 10.1109/ICSE.2017.55.
Theisen, C., Murphy, B., Kerzig, K., Williams, L., Risk-Based Attack Surface Approximation: How Much Data is Enough?, International Conference on Software Engineering (ICSE) Software Engineering in Practice (SEIP) 2017, Buenos Aires, Argentina, DOI: 10.1109/ICSE-SEIP.2017.9.
King, J., Stallings, J., Riaz, M., and Williams, L., To Log, or Not to Log: Using Heuristics to Identify Mandatory Log Events – A Controlled Experiment, Empirical Software Engineering, doi:10.1007/s10664-016-9449-1, October 2017, Volume 22, Issue 5, pp 2684–2717.
Christopher Theisen, Marcel Dunaiski, Laurie Williams, Willem Visser: Software Engineering Research at the International Conference on Software Engineering in 2016. ACM SIGSOFT Software Engineering Notes 42(4): 1-7 (2017).
Maria Riaz, Jason Tyler King, John Slankas, Laurie Williams, Fabio Massacci, Christian Quesada-López, Marcelo Jenkins:, Identifying the Implied: Findings from Three Differentiated Replications on the Use of Security Requirements Templates, Empirical Software Engineering, 10.1007/s10664-016-9481-1, August 2017, Volume 22, Issue 4, pp 2127-2178.
Morrison, P. and Williams, L., Surveying Security Practice use in Software Development, Symposium and Bootcamp on the Science of Security (HotSoS) 2017, Hanover, MD, pp. 85-94.
Burcham, M., Al-Zyoud, M., Carver, J., Alsaleh, M., Du, H., Gilani, F., Jiang, J., Rahman, A., Kafali, O., Al-Shaer, E., Williams, L., Characterizing Scientific Reporting in Security Literature: An analysis of ACM CCS and IEEE S&P Paper, Symposium and Bootcamp on the Science of Security (HotSoS) 2017, Hanover, MD, pp. 13-23.
Morrison, P. and Williams, L., Measuring Security Practice Use: A Case Study At IBM, 3rd International Workshop on Rapid Continuous Software Engineering (RCoSE) 2017, 5th International Workshop on Conducting empirical studies in industry (CESI) 2017, Buenos Aires, Argentina, DOI: 10.1109/CESI.2017.4
Rahman, A., Pradhan, P., Partho, A., and Williams, L., Predicting Android Application Security and Privacy Risk With Static Code Metrics, Short paper, 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems (MobileSoft) 2017, Buenos Aires, Argentina, DOI: 10.1109/MOBILESoft.2017.14.
Rahul Pandita, Raoul Jetley, Sithu D. Sudarsan, Tim Menzies, Laurie Williams: TMAP: Discovering relevant API methods through text mining of API documentation. J. Softw. Evol. Process. 29(12) (2017)
Christopher Theisen, Ted Zhu, Kevin Oliver, Laurie Williams: Teaching Secure Software Development Through an Online Course. SecSE@ESORICS 2017: 19-33
Christopher Theisen, Marcel Dunaiski, Laurie A. Williams, Willem Visser: Writing good software engineering research papers: revisited. ICSE (Companion Volume) 2017: 402

2016

Best Paper, Savor, T., Douglas, M., Gentili, M., Williams, L., Beck, K., Stumm, M., Continuous Deployment at Facebook and OANDA, International Conference on Software Engineering (ICSE 2016) Software Engineering in Practice, Austin, TX, Companion pp. 21-30.
Rahman, A. and Williams, L., Security in DevOps: Synthesizing Practitioners Perceptions and Practices, International Workshop on Continuous Software Evolution and Delivery at the International Conference on Software Engineering (ICSE) 2016, Austin, TX, DOI: 10.1109/CSED.2016.021.
Riaz, M., Stallings, J., Singh, M., Slankas, J., and Williams, L., DIGS: A Framework for Discovering Goals for Security Requirements Engineering, International Symposium on Empirical Software Engineering and Measurement (ESEM) 2016, Ciudad Real, Spain, Article 35
Kafali, O., Singh, M., Williams, L. NANE: Identifying Misuse Cases Using Temporal Norm Enactments, International Conference on Requirements Engineering (RE 2016), Beijing, China, DOI: 10.1109/RE.2016.34.
Theisen, C., Williams, L., Oliver, K., and Murphy-Hill, E. Software Security Education at Scale, International Conference on Software Engineering (ICSE) Software Engineering Education and Training (SEET) track 2016, Austin, TX, 2016.
Riaz, M., Elder, S., and Williams, L., Prevention, Detection, and Response Patterns of Security Requirements, at Third International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE) at Requirements Engineering (RE) 2016, DOI 10.1109/REW.2016.025.
Carver, J., Burcham, M., Kocak, S. A., Bener, A., Felderer, M., Gander, M., King, J., Markkula, J., Oivo, M., Sauerwein, C. and Williams, L., Establishing a Baseline for Measuring Advancement in the Science of Security – an Analysis of the 2015 IEEE Security & Privacy Proceedings, Symposium and Bootcamp on the Science of Security (HotSoS) 2016, Pittsburgh, PA, pp. 38-51.
Pandita. R., Kunal, T., Tung, T., ICON: Inferring Temporal Constraints from Natural Language API Descriptions, International Conference on Software Maintenance and Evolution (ICSME) 2016, Raleigh, NC DOI: 10.1109/ICSME.2016.59.
Menzies, T., Williams, L., Zimmerman, T., Perspective in Data Science for Software Engineering, Morgan Kaufmann, 2016.
Hanan Hibshi, Travis D. Breaux, Maria Riaz, Laurie Williams: A grounded analysis of experts' decision-making during security assessments. J. Cybersecur. 2(2): 147-163 (2016)
Özgür Kafali, Munindar P. Singh, Laurie Williams: Toward a normative approach for forensicability. HotSoS 2016: 65-67
Akond Ashfaque Ur Rahman, Laurie Williams: Security practices in DevOps. HotSoS 2016: 109-111
Christopher Theisen, Laurie Williams: Risk-based attack surface approximation: poster. HotSoS 2016: 121-123
Christopher Theisen, Laurie Williams: Stack traces reveal attack surfaces. Perspectives on Data Science for Software Engineering 2016: 73-76

2015

Rahman, A., Helms, E., Parnin, C., and Williams, L., Synthesizing Continuous Deployment Practices Used in Software Development, Agile 2015, Washington, DC, pp. 1-10.
Theisen, C., Herzig, K., Morrison, P., Murphy, B., and Williams, L., Approximating Attack Surfaces with Stack Traces, International Conference on Software Engineering (ICSE) Software Engineering in Practice 2015, Florence, Italy.
King, J., Pandita, R., and Williams, L., Enabling Forensics by Proposing Heuristics to Identify Mandatory Log Events, Symposium and bootcamp on the Science of Security (HotSoS 2015), Urbana-Champaign, IL, Article 6.
Morrison, P., Herzig, K., Murphy, B. and Williams, L., Challenges with Applying Vulnerability Prediction Models, Symposium and bootcamp on the Science of Security (HotSoS 2015), Urbana-Champaign, IL, Article 4.
Pandita, R., Jetley, R., Sudarsan, S., and Williams, L., Discoving Likely Mappings between APIs using Text Mining, 15th IEEE International Working Conference on Source Code Anaalysis and Manipulation (SCAM) 2015, Bremen, Germany, pp. 231 - 240.
Riaz, M., Breaux, T., and Williams, L., How Have We Evaluated Software Patterns in Problem Solving? A Systematic Mapping Study of Research Design Practices, Information and Software Technology, April 2015.
Murphy, B., Czerwonka, J., and Williams, L, Using Data to Make Decisions in Software Engineering: Providing a Method to Our Madness, in "The Art and Science of Analyzing Software Data" Bird, C., Menzies, T., and Zimmerman, T. (eds), Morgan Kaufmann, 2015.

2014

Doyle, M., Williams, L. Cohn, M., and Rubin, K., Agile Software Development in Practice, 15th International Conference on Agile Software Development (XP2014), Rome, Italy, in Springer-Verlag Berlin, Heidelberg: Springer Agile Processes in Software Engineering and Extreme Programming, pp. 32-45.
Srikanth, H. and Williams, L.,Toward the Prioritization of System Test Cases, Software Testing, Verification and Reliability, Volume 24 Issue 4, June 2014, pp.320-337 .
John Slankas, Xusheng Xiao, Laurie A. Williams, Tao Xie: Relation extraction for inferring access control rules from natural language artifacts. ACSAC 2014: 366-375
Maria Riaz, John Slankas, Jason Tyler King, Laurie A. Williams: Using templates to elicit implied security requirements from functional requirements - a controlled experiment. ESEM 2014: 22:1-22:10
Jason Tyler King, Laurie A. Williams: Log your CRUD: design principles for software logging mechanisms. HotSoS 2014: 5
JeeHyun Hwang, Laurie Williams, Mladen A. Vouk: Access control policy evolution: an empirical study. HotSoS 2014: 28
Shweta Subramani, Mladen A. Vouk, Laurie A. Williams: An analysis of Fedora security profile. HotSoS 2014: 35
JeeHyun Hwang, Da Young Lee, Laurie A. Williams, Mladen A. Vouk: Access Control Policy Evolution: An Empirical Study. ISSRE 2014: 245-254.
Hanan Hibshi, Travis D. Breaux, Maria Riaz, Laurie A. Williams: Towards a framework to measure security expertise in requirements analysis. ESPRE 2014: 13-18
Maria Riaz, Jason Tyler King, John Slankas, Laurie A. Williams: Hidden in plain sight: Automatically identifying security requirements from natural language artifacts. RE 2014: 183-192
Anthony Thyron Rivers, Mladen A. Vouk, Laurie A. Williams: On Coverage-Based Attack Profiles. SERE (Companion) 2014: 5-6

2013

Jinzenji, K., Williams, L., Hoshino, T., and Takahashi, K., An Experience Report for Software Quality Evaluation in Highly Iterative Development Methodology Using Traditional Metrics, International Symposium on Software Reliability Engineering (ISSRE) 2013, Pasadena, CA, pp, 310-319.
Murphy, B., Bird, C. Zimmerman, T., Williams, L., Nagappan, N., and Begel, A. Have Agile Techniques Been the Silver Bullet for Software Development at Microsoft?, International Symposium on Empirical Software Engineering (ESEM) 2013, Baltimore, MD, pp, 75-84.
Yonghee Shin, Laurie Williams: Can traditional fault prediction models be used for vulnerability prediction? Empirical Software Engineering 18(1): 25-59 (2013).
Andrew Austin, Casper Holmgreen, Laurie Williams: A comparison of the efficiency and effectiveness of vulnerability discovery techniques. Inf. Softw. Technol. 55(7): 1279-1288 (2013)
Patrick Morrison, Casper Holmgreen, Aaron Massey, Laurie Williams: Proposing Regulatory-Driven Automated Test Suites. AGILE 2013: 11-21
Jason Tyler King, Laurie Williams: Cataloging and Comparing Logging Mechanism Specifications for Electronic Health Record Systems. HealthTech 2013
Patrick Morrison, Casper Holmgreen, Aaron Massey, Laurie A. Williams: Proposing regulatory-driven automated test suites for electronic health record systems. SEHC@ICSE 2013: 46-49
Patrick Francis, Laurie Williams: Determining "Grim Reaper" Policies to Prevent Languishing Bugs. ICSM 2013: 436-439
Shweta Subramani, Mladen A. Vouk, Laurie A. Williams: Non-operational testing of software for security issues. ISSRE (Supplemental Proceedings) 2013: 21-22
Da Young Lee, Mladen A. Vouk, Laurie A. Williams: Using software reliability models for security assessment - Verification of assumptions. ISSRE (Supplemental Proceedings) 2013: 23-24
Brendan Murphy, Laurie A. Williams: To branch or not to branch that is the question. ISSRE (Supplemental Proceedings) 2013: 55
Sarah Smith Heckman, Laurie Williams: A comparative evaluation of static analysis actionable alert identification techniques. PROMISE 2013: 4:1-4:10
John Slankas, Laurie Williams: Access Control Policy Extraction from Unconstrained Natural Language Text. SocialCom 2013: 435-440

2012

Williams, L., After All These Years, What Do Agile Teams Think About the Agile Principles?, Communications of the ACM, Vol.55, No. 4, April 2012,pp. 71-76.
King, J., Smith, B, and Williams, L.,Modifying Without a Trace: General Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms, 2nd ACM SIGHIT International Health Informatics Symposium (IHI) 2012, Miami, FL, USA, pp.305-314r.
Meneely, A, Smith, B. and Williams, L., Validating Software Metrics: A Spectrum of Philosophies, ACM Transactions on Software Engineering, Volume 21 Issue 4, November 2012 Article No. 24.
Jason Tyler King, Ben H. Smith, Laurie Williams: Audit Mechanisms in Electronic Health Record Systems: Protected Health Information May Remain Vulnerable to Undetected Misuse. Int. J. Comput. Model. Algorithms Medicine 3(2): 23-42 (2012)
Kumi Jinzenji, Takashi Hoshino, Laurie Williams, Kenji Takahashi: Metric-Based Quality Evaluations for Iterative Software Development Approaches Like Agile. ISSRE Workshops 2012: 54-63
John Slankas, Laurie Williams: Classifying Natural Language Sentences for Policy. POLICY 2012: 33-36
Maria Riaz, Laurie Williams: Security requirements patterns: understanding the science behind the art of pattern writing. RePa 2012: 29-34
Ben H. Smith, Laurie Williams: On the Effective Use of Security Test Patterns. SERE 2012: 108-117
Jason Tyler King, Laurie Williams: Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry. HealthSec 2012
Patrick Morrison, Laurie Williams: An Analysis of HIPAA Breach Data. HealthSec 2012

2011

Williams, L., Brown, G., Meltzer, A., Nagappan, N., Scrum + Engineering Practices: Experiences of Three Microsoft Teams, International Symposium on Empirical Software Engineering and Measurement (ESEM) 2011, Banff, Canada, DOI: 10.1109/ESEM.2011.65. IEEE Software Best Exerience Paper Award
Shin, Y. and Williams, L., An Initial Study on the Use of Execution Complexity Metrics as Indicators of Software Vulnerabilities, 7th International Workshop on Software Engineering for Secure Systems 2011 at the International Conference on Software Engineering, Honolulu, USA, electronic proceedings.
Helms, E. and Williams, L., Evaluating Access Control of Open Source Health Record Systems, 3rd Workshop on Software Engineering in Healthcare (SEHC) at the International Conference on Software Engineering, Honolulu, USA, electronic proceedings.
Austin, A. and Williams, L., One Technique is Not Enough: An Empirical Comparison of Vulnerability Discovery Techniques, International Symposium on Empirical Software Engineering and Meaurement (ESEM) 2011, Banff, Canada, DOI: 10.1109/ESEM.2011.18.
Smith, B. and Williams, L.,Using SQL Hotspots in a Prioritization Heuristic for Detecting Web Application Vulnerabilities, International Conference on Software Testing, Verification, and Validation (ICST) 2011, Berlin, pp. 220-229.
Shin, Y., Meneely, A., Williams, L., Osbourne, J., Evaluating Complexity, Code Churn, and Developer Activity Metrics as Indicators of Software Vulnerabilities, IEEE Transactions in Software Engineering, Volume: 37, Issue: 6, Nov.-Dec. 2011, pp. 772 - 787.
Zimmermann, T., Nagappan, N. Herzig, K., Premraj, R. and Williams, L., An Empirical Study on the Relation between Dependency Neighborhoods and Failures, International Conference on Software Testing, Verification, and Validation (ICST) 2011, Berlin, 347-356.
Williams, L., "Pair Programming", in Making Software: What Really Works, and Why We Believe It , O'Reilly Media, Inc., 2011.
Schmidt, J. Y., Antón, A., Williams, L., and Otto, P., The Role of Data Use Agreements in Specifying Legally Compliant Software Requirements, Fourth Workshop on Requirements Engineering and Law at Requirements Engineering (RE) 2011, Trento, Italy, pp. 1-4,.
Meneely, A, Rotella, P. and Williams, L., Does Adding Manpower Also Affect Quality? An Empirical Longitudinal Analysis, ACM Foundations of Software Engineering (FSE) 2011, Szeged, Hungary, pp. 81-90.
Meneely, A, Smith, B. and Williams, L., The iTrust Electronic Health Records System in Software and Systems Traceability, Huang, Jane, Gotel, Orlena, Zisman, Andrea (Eds.) ISBN: 978-1-4471-2238-8.
Meneely, A. and Williams, L., Socio-Technical Networks: Should We Trust Our Measurements?, International Conference on Software Engineering (ICSE) 2011, Honolulu, Hawaii, DOI: 10.1145/1985793.1985832.
Heckman, S. and Williams, L., Systematic Literature Review of Actionable Alert Identification Techniques for Automated Static Code Analysis, Information and Software Technology, Vol. 53, No. 4, April 2011.

2010

Williams, L., Kanban: Considered Helpful or Harmful in Software Development, Cutter Benchmark Review, Vol. 10. No 9, September 2010.
Williams, L., Rubin, K., and Cohn, M., Driving Process Improvement Via Comparative Agility Assessment, Agile 2010, Orlando, FL. pp. 3-10.
Williams, L., "Agile Software Development Methodologies and Practices ", in Advances in Computers, Volume 80, pp. 1-44, 2010.
B. Smith, A. Austin, M. Brown, J. King, J. Lankford, A. Meneely, L. Williams, Challenges for Protecting the Privacy of Health Information: Required Certification Can Leave Common Vulnerabilities Undetected, Security and Privacy in Medical and Home-care Systems (SPIMACS 2010) Workshop of ACM Computers and Communication Security 2010, Chicago, IL, pp. 1-12.
Williams, L., Meneely, A., and Shipley, G., Protection Poker: The New Software Security "Game", IEEE Security and Privacy, Vol. 8, Number 3, May/June 2010, pp. 14-20.
Meneely, A. and Williams, L., Strengthening the Empirical Analysis of the Relationship between Linus' Law and Software Security, Empirical Software Engineering and Measurement (ESEM) 2010, Bolzano-Bozen, Italy, Article 9.
Zimmermann, T., Nagappan, N. and Williams, L., , Searching for a Needle in a Haystack: Predicting Security Vulnerabilities for Windows Vista, International Conference on Software Testing, Verification, and Validation (ICST) 2010, Paris, France, pp.421-428. Test of Time Award (2020).
B. Smith, L. Williams, A. Austin, "Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks", Lecture Notes in Computer Science, vol. 5965, Engineering Secure Software and Systems (ESSoS 2010), Pisa, Italy, pp. 192-200, 2010.
Austin, A., Smith, B., and Williams, L., Towards Improved Security Criteria for Certification of Electronic Health Record Systems, 2nd Workshop on Software Engineering in Healthcare at the International Conference on Software Engineering (ICSE) 2010, Cape Town, South Africa, electronic proceedings.
Syed, R., Robinson, B., and Williams, L. Does Hardware Configuration and Processor Load Impact Software Fault Observability?, International Conference on Software Testing, Verification, and Validation (ICST) 2010, Paris, France, pp.285-294.
Meneely, A. Cochoran, M., and Williams, L., Improving Developer Activity Metrics with Issue Tracking Annotations, Workshop on Emerging Trends in Software Metrics at the International Conference on Software Engineering (ICSE) 2010, Cape Town, South Africa, electronic proceedings.
Meneely, A. and Williams, L., On the Use of Issue Tracking Annotations for Improving Developer Activity Metrics, Advances in Software Engineering, DOI: 10.1155/2010/273080.

2009

Meneely, A. and Williams, L., Secure Open Source Collaboration: An Empirical Study of Linus' Law, ACM Computers and Communication Security (CCS) 2009, Chicago, pp. 453-462.
Heckman, S. and Wolliams, L., A Model Building Process for Identifying Actionable Static Analysis Alerts, International Conference on Software Testing, Verification, and Validation (ICST) 2009, Denver, CO, pp. 161-170.
Meneely, A. and Williams, L., On Preparing Students for Distributed Software Development with a Synchronous, Collaborative Development Platform, ACM Technical Symposium on Computer Science Education (SIGCSE) 2009, Chatanooga, TN,pp. 529-533.
Williams, L., Kudrjavets G., Nagappan, N., On the Effectiveness of Unit Test Automation at Microsoft, International Symposium on Software Reliability Engineering (ISSRE) 2009, Mysuru, India, pp. 81-89.
Smith, B. and Williams, L., On Guiding the Augmentation of an Automated Test Suite via Mutation Analysis, Empirical Software Engineering, Volume 14, Issue 3, Page 341-369, June 2009.
Smith, B. and Williams, L., Should Software Testers use Mutation Analysis to Augment a Test Set?, Journal of Systems Software, vol. 82, no. 11, pp. 1819-1832, 2009.
Stephen Thomas, Laurie Williams, Tao Xie: On automated prepared statement generation to remove SQL injection vulnerabilities. Inf. Softw. Technol. 51(3): 589-598 (2009)
Gegick, M., Rotella, P. and Williams, L., Predicting Attack-Prone Components, International Conference on Software Testing, Verification, and Validation (ICST) 2009, Denver, CO, pp. 181-190.
Williams, L., Gegick, M., and Meneely, A., Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer, International Symposium on Engineering Secure Software and Systems (ESSoS) 2009, Leuven, Belgium, pp. 122-134 [Protection Poker tutorial]
Gegick, M., Rotella, P. and Williams, L., Toward Non-Security Failures as a Predictor of Security Faults and Failures, International Symposium on Engineering Secure Software and Systems (ESSoS) 2009, Leuven, Belgium, pp. 135-149

2008

Williams, L., Silver Bullet Security Podcast with Gary McGraw Show 033, December 22, 2008.
Gegick, M. and Williams, L., Correlating Automated Static Analysis Alert Density to Reported Vulnerabilities in Sendmail, Metricon 2.0, Boston.
Shin, Y. and Williams, L., Is Complexity Really the Enemy of Software Security?, Quality of Protection Workshop at the ACM Conference on Computers and Communications Security (CCS) 2008, Alexandria, VA, pp. 47-50.
Gegick, M., Williams, L., Osborne, J., and Vouk, M., Prioritizing Software Security Fortification through Code-Level Security Metrics, Quality of Protection Workshop at the ACM Conference on Computers and Communications Security (CCS) 2008, Alexandria, VA, pp. 31-38.
Shin, Y. and Williams, L., An Empirical Model to Predict Security Vulnerabilities Using Code Complexity Metrics, IEEE Empirical Software Engineering and Metrics (ESEM) 2008 short paper, Kaiserslautern , Germany, pp. 315-317.
Williams, L., McCrickard, S., Layman, L., Hussein, K., Eleven Guidelines for Implementing Pair Programming in the Classroom, Agile 2008 Education Track, Toronto, pp. 445-453.
Layman, L., Williams, L., Slaten, K., Berenson, S., and Vouk, M., Addressing Diverse Needs through a Balance of Agile and Plan-Driven Software Development Methodologies in the Core Software Engineering Course, International Journal on Engineering Education, Vol. 24, No. 4, pp. 659-670, July 2008.
Heckman, S. and Williams, L., On Establishing a Benchmark for Evaluating Static Analysis Alert Prioritization and Classification Techniques, Empirical Software Engineering and Metrics 2008, pp. 41-50.
Ho, C-w, Williams, L., and Robinson, B., Examining the Relationships between Performance Requirements and “Not a Problem” Defect Reports, Requirements Engineering (RE) 2008, Barcelona, Spain,
Layman, L., Williams, L., and St. Amant, L., MimEc: Intelligent User Notification of Faults in the Eclipse IDE, Cooperative and Human Aspects of Software Engineering (CHASE) workshop at the International Conference on Software Engineering (ICSE), Leipzig, Germany, pp. 73-76.
Meneely, A., Williams, L., Gehringer, E. ROSE: A Repository of Education-Friendly Open-Source Projects, ACM Innovation and Technology in Computer Science Education (ITiCSE) 2008, Madrid, Spain, pp. 7-11.
Sherriff, M. and Williams, L., Empirical Software Change Impact Analysis Using Singular Value Decomposition, International Conference on Software Testing, Verification and Validation 2008, Lillehammer, Norway, pp. 268-277.
Meneely, A., Williams, L., Snipes, W., and Osbourne, J., Predicting Failures with Developer Networks and Social Network Analysis, ACM SIGSOFT Foundations of Software Engineering (FSE) 2008, Atlanta, GA, pp. 13-23.
Nagappan, N., E. M. Maximilien, Bhat, T., and Williams, L. Realizing Quality Improvement Through Test Driven Development: Results and Experiences of Four Industrial Teams, Empirical Software Engineering, Vol. 13, No. 3, June 2008, pp. 289-302.
Smith, B.. Shin, Y. and Williams, L.,Proposing SQL Statement Coverage Metrics, 4th Intl. Workshop on Software Engineering for Secure Systems (SESS 2008) at the International Conference on Software Engineering (ICSE), Leipzig, Germany, pp. 49-56.
Michael Gegick, Laurie Williams: Ranking Attack-Prone Components with a Predictive Model. ISSRE 2008: 315-316
Laurie A. Williams, Mladen A. Vouk: Agile Software Development. Wiley Encyclopedia of Computer Science and Engineering 2008

2007

Williams, L., On the Stickiness of Agility in Software Development, Cutter Benchmark Review, Vol. 7, No. 7, pp. 5-12, July 2007.
Sanchez, J., Williams, L., and Maximilien, M., On the Sustained Use of the Test-driven Development Practice at IBM, Agile 2007, Washington, DC. pp. 5-14.
Gegick, M. and Williams, L., Toward the Use of Static Analysis Alerts for Early Indication of Vulnerability- and Attack-Prone Components, The First International Workshop on Systems Vulnerabilities (SYVUL ’07) at First International Conference on Global Defense and Business Continuity, Silicon Valley, CA, DOI: 10.1109/ICIMP.2007.46.
Thomas, S. and Williams, L., Using Automated Fix Generation to Secure SQL Statements, 3rd Intl. Workshop on Software Engineering for Secure Systems (SESS 2007) at the International Conference on Software Engineering (ISCE) 2007, Minneapolis, MN
Gegick, M. and Williams, L., On the Design of Secure Software-Intensive Systems by Use of Attack Patterns, Information and Software Technology, Vol. 49, No. 4, pp. 381-397, April 2007.
Smith, B. and Williams, L., An Empirical Study of MuJava Mutation Operators, Windsor, UK: Mutation 2007.
Sherriff, M., Lake, M., and Williams, L., Prioritization of Regression Tests Using Singular Value Decomposition with Empirical Change Records, IEEE International Symposium on Software Reliability Engineering (ISSRE) 1007, Trollhättan, Sweden, pp. 81-90.
Nagappan, N., Williams, L., Vouk, M., and Osborne, J.,Using In-Process Testing Metrics to Estimate Post-Release Field Quality of Java Programs, IEEE International Symposium on Software Reliability Engineering (ISSRE) 1007, Trollhättan, Sweden, pp. 81-90.
Meneely, A., Williams, L., and Snipes, W., System Test Case Prioritization, Using Static Metrics and System Failure Data,, IEEE International Symposium on Software Reliability Engineering (ISSRE) 1007, Trollhättan, Sweden student paper
Sherriff, M., Heckman, S., Lake, M., Williams, L., Using Grouping of Static Analysis Alerts to Identify Files Likely to Contain Field Failures, ACM SIGSOFT Foundations of Software Engineering Short Paper.
Johnson, M., Ho, C-w, Maximilien, M., and Williams, L., Incorporating Performance Testing in Test-Driven Development, IEEE Software, Vol. 24, No., 3, pp. 67-73, May/June 2007.
Williams, L., Lessons Learned from Seven Years of Pair Programming at North Carolina State University, Inroads: ACM SIGCSE Bulletin, Vol. 39, No. 4, pp. 79-83, December 2007.
Williams, L. and Layman, L., Lab Partners: If They’re Good Enough for the Natural Sciences, Why Aren’t They Good Enough for Us?, Conference of Software Engineering Education and Training (CSEET) 2007, Dublin, Ireland, pp. 72-82.
Williams, L., Layman, L., Slaten, K., Berenson, S., and Seaman, C., On the Impact of a Collaborative Pedagogy on African American Women in Software Engineering, International Conference on Software Engineering (ICSE) 2007 Educator Track, Minneapolis, MN, pp. 677-687.
Berenson, S., Williams, L., and Slaten, K., “Using Pair Programming and Agile Development Methods in a University Software Course to Develop a Model of Social Interaction” in Reconfiguring the Firewall: Recruiting Women to Information Technology Across Cultures and Continents, Burger, C., Creamer, E., and Meszaros, P. (eds.),Wellesley, MA: A K Peter, Ltd., 2007, pp. 65-76.
Ho, C-w, Williams, L., Antón, A., Improving Performance Requirements Specification from Field Failure Reports, IEEE International Requirements Engineering Conference 2007, New Delhi, India, pp. 79-88.
Layman, L., Williams, L, St. Amant, R., Toward Reducing Fault Fix Time: Understanding Developer Behavior for the Design of Automated Fault Detection Tools, Empirical Software Engineering and Metrics (ESEM) 2007, Madrid, Spain, pp. 176-185. Best Paper Award
Williams, L., Structuring Families of Industrial Case Studies in Empirical Software Engineering Issues: Critical Assessment and Future Directions, edited by Basili, V., Rombach, D., Schneider, K., Kitchenham, B., Pfahl, D., and Selby, R., Berlin: Springer LNCS 4336, p. 134, 2007.
Layman, L., Williams, L., and Slaten, K., Note to Self: Make Assignments Meaningful, ACM Technical Symposium on Computer Science Education (SIGCSE) 2007, Covington, KY, pp. 459-463.
Mark Sherriff, Sarah Smith Heckman, Mike Lake, Laurie A. Williams: Identifying fault-prone files using static analysis alerts through singular value decomposition. CASCON 2007: 276-279
Zheng, J., Williams, L., Robinson, B., Smiley, K., Regression Test Selection for Black Box Dynamic Link Library Components, 2nd Intl. Workshop on Incorporating COTS Software into Software Systems (IWICSS 2007) at the International Conference on Software Engineering (ISCE) 2007, Minneapolis, MN
Williams, L., Snipes, W., and Meneely, A., On Increasing System Test Effectiveness through a Test Case Prioritization Model Using Static Metrics and System Failure Data, Reliability Analysis of System Failure Data Workshop, Cambridge, UK, 2007
Ho, Chih-wei and Williams, L., Developing Software Performance with the Performance Refinement and Evolution Model, Workshop on Software Performance (WOSP), Buenos Aires, Argentina, pp. 133-136, 2007.
Jiang Zheng, Laurie Williams, Brian Robinson: Pallino: automation to support regression test selection for cots-based applications. ASE 2007: 224-233

2006

Prechelt, L. and Williams, L., Industry-Research Collaboration Working Group Results in Empirical Software Engineering Issues: Critical Assessment and Future Directions ,edited by Basili, V., Rombach, D., Schneider, K., Kitchenham, B., Pfahl, D., and Selby, R., Berlin: Springer LNCS 4336, p. 153-157, 2007.
Williams, L., Erdogmus, H., and Selby, R., Roadmapping Working Group 4 Results in Empirical Software Engineering Issues: Critical Assessment and Future Directions, edited by Basili, V., Rombach, D., Schneider, K., Kitchenham, B., Pfahl, D., and Selby, R., Berlin: Springer LNCS 4336, p. 134, 2007.
Ho, Chih-wei, Johnson, Michael, Williams, L., Maximilien, E. M., On Agile Performance Requirements Specification and Testing, Agile 2006, Minneapolis, ISBN 0-7695-2562-8/06, electronic proceedings, 6 pages.
Layman, L., Williams, L., Cunningham, L., Motivations and Measurements in an Agile Case Study , Journal of System Architecture, Vol. 52, No. 11, pp. 654-667, November 2006.
Layman, L., Williams, L., Damian, D., Bures, H., Essential Communication Practices for Extreme Programming in a Global Software Development Team , Information and Software Technology, Vol. 48, No., 9, pp. 781-794, September 2006.
Gegick, M., Williams, L., An Early Testing and Defense Web Application Framework for Malicious Input Attacks, Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2006, Raleigh, NC, ISBN 978-0-9671473-3-3-8.
Shin, Y., Williams, L., and Xie, T., SQLUnitGen: SQL Injection Testing Using Static and Dynamic Analysis, Student Paper at the International Symposium on Software Reliability Engineering (ISSRE) 2006, Raleigh, NC, ISBN 978-0-9671473-3-3-8.
Williams, L. and Shin, Y., WIP: Exploring Security and Privacy Concepts through the Development and Testing of the iTrust Medical Records System, Frontiers in Education (FIE) 2006, San Diego, pp. S1F30-31.
Sherriff, M. and Williams, L., DevCOP: A Software Certificate Management System for Eclipse, International Symposium for Software Reliability Engineering (ISSRE) 2006, Raleigh, NC, pp. 375-384.
Heckman, S., Williams, L., Automated Adaptive Ranking and Filtering of Static Analysis Alerts, Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2006, Raleigh, NC, ISBN 978-0-9671473-3-3-8
Zheng, J., Williams, L., Robinson, B., Smiley, K., Identifying Change in Dynamic Link Library COTS Components when Source Code is Not Available, Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2006, Raleigh, NC, ISBN 978-0-9671473-3-3-8.
Williams, L., Debunking the Nerd Stereotype with Pair Programming (Broadening Participation in Computing Series), IEEE Computer, Vol. 31, No. 5, pp. 83-85, May 2006.
Williams, L., Layman, L., Osborne, J., Katira, N., Examining the Compatibility of Student Pair Programmers, Agile 2006, pp. 411-420.
Layman, L., Cornwell, T., and Williams, L., Personality Types, Learning Styles, and an Agile Approach to Software Engineering Education, ACM Technical Symposium on Computer Science Education (SIGCSE) 2006, Houston, TX, pp. 428-432.
Garzia, M., Hudepohl, J., Snipes, W., Lyu, M. Musa, J., Smidts, C., Williams, L., How Should Software Reliability Engineering (SRE) be Taught?, Software Engineering Notes, Vol. 31, No., 4, pp. 1-5, July 2006.
Zheng, J., Robinson, B., Williams, L., and Smiley, K., Applying Test Case Selection for COTS-based Applications, International Conference on Software Engineering (ICSE) 2006, Shanghai, pp. 512-521.
Zheng, J., Williams, L., Snipes, W., Nagappan, N., Hudepohl, J., Vouk, M., On the Value of Static Analysis Tools for Fault Detection, IEEE Transactions on Software Engineering, Vol. 32, No., 4, pp. 240-253, April 2006.
Zheng, J., Robinson, B., Williams, L., Smiley, K., A Lightweight Process for Change Identification and Regression Test Selection in Using COTS Components, International Conference on COTS-Based Software Systems, Orlando, FL, pp. 137-143.
Laurie Williams: Structuring Families of Industrial Case Studies. Empirical Software Engineering Issues 2006: 134

2005

Gegick, M. and Williams, L., Matching Attack Signatures to Security Vulnerabilities in Software-Intensive System Design, Software Engineering for Secure Systems Workshop at the International Conference on Software Engineering (ICSE) 2005, St. Louis.
Williams, L., Teaching an Active Participation Course in Software Reliability and Testing, “ How Should Software Reliability Engineering Be Taught?” Panel Paper at the IEEE International Symposium of Software Reliability Engineering 2005, Chicago, IL.
Zheng, J., Robinson, B., Williams, L., Smiley, K., An Initial Study of a Lightweight Process for Change Identification and Regression Test Selection When Source Code is Not Available , International Symposium on Software Reliability Engineering (ISSRE) 2005, Chicago, IL, pp. 225-234.
Nagappan, N., Williams, L., Osborne, J., Vouk, M., Abrahamsson, P., Providing Test Quality Feedback Using Static Source Code and Automatic Test Suite Metrics, International Symposium on Software Reliability Engineering (ISSRE) 2005, Chicago, IL, pp. 85-94.
Strom, M., Davidsson, M., Williams, L., Vouk, M., The Good Enough Reliability Tool (GERT) – Version 2 , Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2005, Chicago, pp. 4.35-4.36.
Sherriff, M. and Williams, L., Certification of Code During Development to Provide an Estimate of Defect Density , Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2005, Chicago, pp. 4.47-4.48.
Smith, S., Williams, L., Xu, J., Expediting Programmer AWAREness of Anomalous Code , Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2005, Chicago, pp. 4.49-4.50.
Sherriff, M. and Williams, L., A Method for Validation and Verification Certificates in Eclipse, Workshop on Software Certificate Management (SoftCeMent) at Automated Software Engineering (ASE) 2005, Long Beach, CA.
Srikanth, H., Williams, L., Osborne, J., System Test Case Prioritization of New and Regression Test Cases, International Symposium on Empirical Software Engineering (ISESE) 2005, Noosa Head pp. 63-73, .
Zheng, J., Robinson, B., Williams, L., Smiley, K., A Process for Identifying Changes When Source Code is Not Available, Second International Workshop on Models and Processes for the Evaluation of Off-the-Shelf Components at the International Conference on Software Engineering (ICSE) 2005, St. Louis.
Sherriff, M., Nagappan, N., Williams, L., Vouk, M., Early Estimate of Defect Density Using an In-Process Haskell Metrics Model, First International Workshop on Advances in Model-Based Software Testing (A-MOST) at the International Conference on Software Engineering (ICSE) 2005, St. Louis.
Nagappan, N., Williams, L., Vouk, M., Osborne, J., Early Estimation of Software Quality Using In-Process Testing Metrics: A Controlled Case Study, Third Workshop on Software Quality at the International Conference on Software Engineering (ICSE) 2005, St. Louis.
Layman, L., Williams, L., Osborne, J., Berenson, S., Slaten, K., Vouk, M., How and Why Collaborative Software Development Impacts the Software Engineering Course, Frontiers in Education (FIE) 2005, pp. T4C9-T4C14.
Slaten, K., Droujkova, M., Berenson, S., Williams, L., Layman, L., Understanding Student Perceptions of Pair Programming and Agile Software Development Methodologies: Verifying a Model of Social Interaction, Agile 2005, Denver, CO, pp. 323-330.
Katira, N., Williams, L., Osborne, J., Towards Increasing the Compatibility of Student Pair Programmers , International Conference on Software Engineering (ICSE) Education Track 2005, St. Louis, MO, pp. 625-626.
Williams, L., Layman, L., Abrahamsson, P., Establishing the Essential Components of a Technology-Dependent Framework: A Strawman Framework for Industrial Case Study-Based Research, Workshop on Evidence-Based Software Engineering at the International Conference on Software Engineering (ICSE) 2005, St. Louis.
Williams, L., Smith, S., Rappa, M., Resources for Agile Software Development in the Software Engineering Course, Course Materials, Conference on Software Engineering Education and Training (CSEET) 2005, Ottawa, CA, pp. 236-238.
Rappa, M., Smith, S., Yacoub, A ., Williams, L., OpenSeminar: A Web Based Collaboration Tool for Open Educational Resources , IEEE Collaborate Com, San Jose, CA.
Hema Srikanth, Laurie Williams: On the economics of requirements-based test case prioritization. ACM SIGSOFT Software Engineering Notes 30(4): 1-3 (2005)
Kelli M. Slaten, Sarah B. Berenson, Laurie Williams, Lucas Layman, Maria A. Droujkova: Undergraduate Student Perceptions of Pair Programming and Agile Software Methodologies: Verifying a Model of Social Interaction. AGILE 2005: 323-330
alasubramaniam Ramesh, Pekka Abrahamsson, Alistair Cockburn, Kalle Lyytinen, Laurie Williams: Agile Software Development Methods: When and Why Do They Work? Business Agility and Information Technology Diffusion 2005: 371-373
Williams, L., “Software Engineering for Internet Applications” in The Practical Handbook of Internet Computing, Singh, M., ed., Chapman & Hall/CRC, invited, 2005, pp.43-1 – 43-13.

2004

Dagnino, A., Smiley, K., Srikanth , H., Antón , A., Williams, L . Experiences in Applying Agile Software Development Practices in New Product Development , International Association of Science and Technology for Development (IASTED) Software Engineering and Applications (SEA) 2004.
Layman, L., Williams, L. and Cunningham, L., Motivations and Measurements in an Agile Case Study , ACM SIGSOFT Foundation in Software Engineering Workshop Quantitative Techniques for Software Agile Processes (QTE-SWAP), Newport Beach, CA, 2004.
Layman, L., Williams, L., Cunningham, L., Exploring Extreme Programming in Context: An Industrial Case Study, Agile Development Conference 2004, p. 32-41.
Williams, L., Krebs, W., Layman, L., NCSU Technical Report, T Extreme Programming Evaluation Framework for Object-Oriented Languages – Version 1.4, TR-2004-18, June 17, 2004 .
Williams, L., Krebs, W., Layman, L., Antón, A., Toward a Framework for Evaluating Extreme Programming, Empirical Assessment in Software Engineering (EASE) 2004, pp. 11-20.
Srikanth, H., and Williams, L., Requirements-Based Test Case Prioritization , Grace Hopper Poster, 2004, Chicago, IL
Nagappan, N., Williams, L., Vouk, M., Osborne, J., Using In-Process Testing Metrics to Estimate Software Reliability: A Feasibility Study, Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2004, St. Malo, France, November 2004.
Sherriff, M., Williams, L., Vouk, M., Using In-Process Metrics to Predict Defect Density in Haskell Programs , Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2004, St. Malo, France, November 2004 .
Sherriff, M. and Williams, L. Tool Support for Estimating Software Reliability in Haskell Programs, Student Paper. The 15th International Symposium on Software Reliability Engineering, St-Malo, France, Nov 2-5, 2004. pp. 61-62.
Williams, L. On the Need for a Process for Making Reliable Quality Comparisons with Industrial Data, Workshop on Empirical Research in Software Testing (WERST'2004) in conjunction with the International Symposium on Software Testing and Analysis (ISSTA 2004), Boston, MA.
Nagappan, N., Williams, L., Vouk, M., Hudepohl, J., Snipes, W., A Preliminary Investigation of Automated Software Inspection , IEEE International Symposium on Software Reliability Engineering 2004, St. Malo, France, pp. 429-439.
Davidsson, M., Zheng, J., Nagappan, N., Williams, L., Vouk, M., GERT: An Empirical Reliability Estimation and Testing Feedback Tool , IEEE International Symposium on Software Reliability Engineering 2004, St. Malo, France, pp. 269-280.
Ho, C., Raha, S., Gehringer, E., Williams, L., Sangam: A Distributed Pair Programming Plug-in for Eclipse , Eclipse Technology Exchange (Workshop) at the Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA) 2004.
Williams, L., Shukla, A., Antón, A., An Initial Exploration of the Relationship Between Pair Programming and Brook's Law , Agile Development Conference 2004, pp. 11-20.
Katira, N., Williams, L., Wiebe, E., Miller, C., Balik, S., Gehringer, E., On Understanding Compatibility of Student Pair Programmers, ACM Technical Symposium on Computer Science Education (SIGCSE) 2004, Norfolk, VA, pp. 7-11.
Berenson, S., Slaten, K., Williams, L., Ho, C-w, Voice of Women in a Software Engineering Course: Reflections on Collaboration, ACM Journal of Educational Resources in Computing (JERIC), Volume 4, Issue 1, March 2004.
Ho, Chih-wei, Slaten, K., Williams, L., and Berenson, S., Work in Progress – Unexpected Student Outcome from Collaborative Agile Software Development Practices and Paired Programming in a Software Engineering Course, Frontiers in Education (FIE) 2004, Savannah, GA, pp. F2C15-16.
Ho, Chih-wei, Slaten, Kelli, Williams, L., Berenson, S., Extreme Examining the Impact of Pair Programming on Female Students , NCSU Technical Report, TR-2004-20, June 17, 2004.
Katira, N., Williams, L., Wiebe, E., Miller, C., Balik, S., Gehringer, E., On Understanding Compatibility of Student Pair Programmers, ACM Technical Symposium on Computer Science Education (SIGCSE) 2004, Norfolk, VA, pp. 7-11.
Srikanth, H., Williams, L., Wiebe, E., Miller, C., Balik, S., On Pair Rotation in the Computer Science Course , Conference on Software Engineering Education and Training (CSEET) 2004, Norfolk, VA, pp. 144-149.
George, B. and Williams,L., A Structured Experiment of Test-Driven Developmen (early version), Information and Software technology, Vol. 46, No. 5, pp 337-342, April 2004.

2003

Baheti, P., Williams, L., Dagnino, A., Cordes, A., On Identifying Defects in a Knowledge Management System, Software Engineering Knowledge Engineering (SEKE) 2003, San Francisco, pp. 385-392.
Williams, L. and Cockburn, A. Agile Software Development: It's All about Feedback and Change, IEEE Computer, Vol. 36, No., 6, pp. 83-85, June 2003.
Williams, L., The XP Programmer: The Few Minutes Programmer IEEE Software, Vol. 20, No., 3, pp. 16-20, May/June 2003.
Marchesi, M., Succi, G., Wells, D., Williams, L. (eds.), Extreme Programming Perspectives, Addison Wesley, 2003.
Nagappan, N., Williams, L., and Vouk, M., “Good Enough” Software Reliability Estimation Plug-In for Eclipse , Eclipse Technology Exchange (Workshop) at the Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA) 2003, Anaheim, CA.
Nagappan, N., Williams, L., and Vouk, M., Toward a Metric Suite for Early Software Reliability Estimation , Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2003, Denver, CO.
Williams, L., Maximillien, M., and Vouk, M., Test-Driven Development as a Defect-Reduction Practice, IEEE International Symposium on Software Reliability Engineering (ISSRE) 2003, Denver, CO, pp. 34-45.
Maximillien, M. and Williams, L., Assessing Test-Driven Development at IBM, International Conference on Software Engineering 2003, Portland, OR, pp. 564-569.
Williams, Laurie and Kessler, Robert. Pair Programming Illuminated, Addison Wesley, 2003.
Stotts, D., Williams, L., Nagappan, N., Baheti, P., Jen, D., Jackson, A., Virtual Teaming: Experiments and Experiences with Distributed Pair Programming , Extreme Programming/Agile Universe 2003, New orleans, LA, pp. 129-141.
Erdogmus, H. and Williams, L. A Value-Based Analysis of Pair Programming , The Engineering Economist, Vol. 48, No. 4, pp. 283-319, 2003.
Williams, L., McDowell, C., Fernald, J., Werner, L., Nagappan, N. Building Pair Programming Knowledge Through a Family of Experiments , IEEE International Symposium on Empirical Software Engineering (ISESE) 2003, Rome, Italy, pp. 143-152.
Wiebe, E., Williams, L., Petlick, J., Nagappan, N., Balik, S., Miller, C., Ferzli, M. Pair Programming in Introductory Programming Labs , American Society for Engineering Education (ASEE) 2003.
Nagappan, N., Williams, L., Wiebe, E., Miller, C., Balik, S., Ferzli, M., Petlick, M., Pair Learning: With an Eye Toward Future Success, Extreme Programming/Agile Universe 2003, New Orleans, LA, pp. 185-198..
Nagappan, N., Williams, L., Ferzli, M., Weibe, E., Yang, K., Miller, C., Balik, S., Improving the CS1 Experience with Pair Programming, ACM Technical Symposium on Computer Science Education (SIGCSE) 2003, Reno, NV, pp. 359-362.
Baheti, P., Williams, L., Dagnino, A., Cordes, A., On Identifying Defects in a Knowledge Management System, Software Engineering Knowledge Engineering (SEKE) 2003, San Francisco, pp. 385-392.

2002

Wells, D. and Williams, L. (eds). Extreme Programming and Agile Methods - XP/Agile Universe 2002, Springer Lecture Notes in Computer Science 2418, 2002.
Lindvall, M., Basili, V., Boehm, B., Costa, P., Dangle, K., Shull, F., Tesoriero, R., Williams, L., Zelkowitz, M., Empirical Findings in Agile Methods, XP/Agile Universe 2002, Chicago, IL, Lecture Notes in Computer Science Vol. 2418, pp. 197-207.
George, B. and Williams, L., An Initial Investigation of Test-Driven Development in Industry, ACM Symposium on Applied Computing (SAC), March 2002, Melbourne, FL, pp. 1135-1139.
Williams, L., Wang, L., Vouk, M., "Good Enough" Reliability for Extreme Programming, Fast Abstract at the International Symposium on Software Reliability Engineering (ISSRE) 2002, Anapolis, VA.
Succi, G., Marchesi, M., Pedrycz,W., Williams, L., Preliminary Analysis of the Effects of Pair Programming on Job Satisfaction, Fourth International Conference on eXtreme Programming and Agile Processes in Software Engineering (XP2002).
Williams, L. and Erdogmus, H., On the Economic Feasibility of Pair Programming, International Workshop on Economics-Driven Software Engineering in conjunction with the International Conference on Software Engineering, May 2002.
Baheti, P., Williams, L., Gehringer, E., Stotts, D., and Smith, J., Distributed Pair Programming: Empirical Studies and Supporting Environments, UNC-CH Technical Report TR02-010, March 15, 2002.
Ferzli, M., Wiebe, E., Williams, L., Paired Programming Project: Focus Groups with Teaching Assistants and Students, NCSU Technical Report, TR-2002-16, November 25, 2002.
Hislop, G., Lutz, M., Naveda, J. F., McCracken, M., Mead, N., Williams, L., Integrating Agile Practices into Software Engineering Courses , Computer Science Education, Vol. 12, No., 3, pp. 169-185, Sept. 2002.
Williams, L., Wiebe, E., Yang, K., Ferzli, M., Miller, C., In Support of Pair Programming in the Introductory Computer Science Course, Computer Science Education, Vol. 12, No., 3, pp. 197-202, September 2002.
Williams, L., Yang, K., Wiebe, E., Ferzli, M., Miller, C., Pair Programming in an Introductory Computer Science Course: Initial Results and Recommendations, OOPSLA Educator's Symposium 2002, Seattle, WA, November 2002.
Baheti, P., Williams, L., Gehringer, E., Stotts, D., Exploring Pair Programming in Distributed Object-Oriented Team Projects, OOPSLA Educator's Symposium 2002, Seattle, WA, November 2002.
Shukla, Anuja and Williams, Laurie, Adapting Extreme Programming for a Core Software Engineering Course , Conference of Software Engineering Education and Training (CSEET) 2002, Covington, KY, pp. 184-190.
Borstler, J. Carrington, D. Hislop, G.W. Lisack, S. Olson, K. Williams, L. Teaching PSP: challenges and lessons learned, IEEE Software, Vol. 19, No. 5, pp. 42-48, Sept/Oct 2002.
George, B., Mansour, M., Williams, L., A multidisciplinary virtual team, 14th international conference on college teaching and learning, 2002, Jacksonville, FL.

2001

Cockburn, Alistair and Williams, Laurie .The Costs and Benefits of Pair Programming in Extreme Programming Examined. Addison Wesley, 2001.
Williams, Laurie and Upchurch, Richard. Extreme Programming for Software Engineering Education? , Proceedings of Frontiers in Education (FIE) 2001, Las Vegas, NV, pp. TD2 12-17.
Williams, Laurie, Kessler, Robert R., Experimenting with Industry's "Pair-Programming" Model in the Computer Science Classroom, Computer Science Education, Vol.. 11, No. 1, pp. 7-20, March 2001.
Williams, Laurie. Integrating Pair Programming into a Software Development Process, Conference of Software Engineering Education and Training (CSEET) 2001, Charlotte, NC, pp. 27-36.
Williams, Laurie and Upchurch, Richard. In Support of Student Pair Programming, 2001 SIGCSE Conference on Computer Science Education, Charlotte, NC, pp. 327-331,February 2001.
Williams, L. An Alternative: The Collaborative Software Process, Conference on Software Engineering Education and Training, Teaching PSP and TSPi in Universities Workshop, February 2001, Charlotte, NC.
Carter, Ryan, Anton, Annie, Dagnino, Aldo, and Williams, Laurie. Evolving Beyond Requirements Creep: A Risk-Based Evolutionary Prototyping Model. Requirements Engineering 2001, Toronto, Toronto, Canada, pp. 138-145..

2000 and earlier

Cockburn, Alistair and Williams, Laurie. The Costs and Benefits of Pair Programming, eXtreme Programming and Flexible Processes in Software Engineering XP2000.
Williams, Laurie, Kessler, Robert R., Cunningham, Ward, and Jeffries, Ron, Strengthening the Case for Pair-Programming, IEEE Software, Vol. 17, No., 4, pp. 19-25, July/Aug 2000. January 2009 update: IEEE Software 25th Anniversary Top Pick Paper; on the list of Most Cited IEEE Software Articles for a 25-year period
Williams, Laurie and Kessler, Robert R., All I Really Need to Know about Pair Programming I Learned In Kindergarten, Communications of the ACM, Vol. 43, No., 5, pp. 108-114, May 2000.
Williams, L., The Collaborative Software Process. PhD Dissertation, 2000.
Williams, Laurie and Kessler, Robert R., The Effects of “Pair-Pressure” and “Pair-Learning” on Software Engineering Education. Conference of Software Engineering Education and Training 2000, Austin, TX., pp. 59-65.
Kessler, Robert R. and Williams, Laurie, If This Is What It's Really Like, Maybe I Better Major in English: Integrating Realism into a Sophomore Software Engineering Course, Frontiers in Education (FIE) 1999, San Juan, pp. 12a 4-12.
Williams, L. But, isn't that cheating? Frontiers in Education Conference Faculty Fellow, 1999. FIE '99. 29th Annual , Volume: 2, San Juan, 1999.
Williams, Laurie, Instilling a Defect Prevention Philosophy, Frontiers in Education (FIE) 1998, Tempe, AZ, Session S4C.
Williams, Laurie, Adjusting the Instruction of the Personal Software Process to Improve Student Participation, Frontiers in Education (FIE)1997, Pittsburgh, Session T2B