My name is Dr. Danielle Gonzalez (She/Her). I am a Software Engineer at Microsoft. I have a PhD from Rochester Institute of Technology and was a 2019 Microsoft Research PhD Fellow. You can find me on Twitter and Mastodon as dngonza. Email: firstname dot lastname at microsoft dot com

Research Interests

Topics of my prior work and ongoing interest are:

  • Secure Software Design and Development
  • Creating Tools for Developers
  • Human Factors in SE / Behavioral SE
  • Mining Software Repositories
  • Security Unit & Integration Testing (dissertation topic)
  • Vulnerability Management

I conduct mixed-methods empirical software engineering research driven by analysis of engineering artifacts and processes to produce actionable resources and insights for developers and teams. I have a special interest in developing techniques to analyze sociotechnical factors of software engineering and creating tools for developers that incorporate these factors.


Danielle Gonzalez, Paola Peralta Perez, Mehdi Mirakhorli. “Barriers to Shift-Left Security: The Unique Pain Points of Writing Automated Tests Involving Security Controls.” In Proceedings of the 15th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). 2021. Paper

Danielle Gonzalez, Thomas Zimmermann, Patrice Godefroid, Max Schäfer. “Anomalicious: Automated Detection of Anomalous and Potentially Malicious Commits on GitHub" In Proceedings of the 43rd IIEEE/ACM International Conference on Software Engineering (SEiP Track), May 23–29, 2021. Paper, Preprint, Recorded Talk

NOTICE: ⚠️ I have received many requests for the code and data used for the Anomalicious project. Unfortunately, these cannot be shared due to Microsoft licensing. Please stop emailing me about this! 🙃

Devjeet Roy, Ziyi Zhang, Maggie Ma, Venera Arnaoudova, Annibale Panichella, Sebastiano Panichella, Danielle Gonzalez, and Mehdi Mirakhorli. “DeepTC-Enhancer: Improving the Readability of Automatically Generated Tests." In Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, September 21–25, 2020. ACM, New York, NY, USA, 12 pages. 2020. Preprint, Paper, Supplement

Danielle Gonzalez, Thomas Zimmermann, and Nachiappan Nagappan. “The State of the ML-universe: 10 Years of Artificial Intelligence & Machine Learning Software Development on GitHub." In Proceedings of the 17th International Conference on Mining Software Repositories, pp. 431-442. 2020. Paper, Preprint, Recorded Talk, Supplement

Danielle Gonzalez, Michael Rath, and Mehdi Mirakhorli. “Did You Remember To Test Your Tokens?." In Proceedings of the 17th International Conference on Mining Software Repositories, pp. 232-242. 2020. Paper, Preprint, Recorded Talk, Supplement

Danielle Gonzalez, Fawaz Alhenaki, and Mehdi Mirakhorli. “Architectural security weaknesses in industrial control systems (ICS) an empirical study based on disclosed software vulnerabilities." In Proceedings of the 2019 IEEE International Conference on Software Architecture (ICSA), pp. 31-40. IEEE, 2019. Paper, IEEE Software Blog Post, Slides, Supplement

Danielle Gonzalez, Holly Hastings, and Mehdi Mirakhorli. “Automated Characterization of Software Vulnerabilities." In Proceedings of the 2019 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 135-139. IEEE, 2019. Paper, Preprint

Danielle Gonzalez, Suzanne Prentice, and Mehdi Mirakhorli. “A fine-grained approach for automated conversion of JUnit assertions to English." In Proceedings of the 4th ACM SIGSOFT International Workshop on NLP for Software Engineering, pp. 14-17. 2018. Paper, Preprint, Tool

Danielle Gonzalez, Joanna CS Santos, Andrew Popovich, Mehdi Mirakhorli, and Mei Nagappan. “A large-scale study on the usage of testing patterns that address maintainability attributes: patterns for ease of modification, diagnoses, and comprehension." In Proceedings of the IEEE/ACM 14th International Conference on Mining Software Repositories (MSR), pp. 391-401. IEEE, 2017. Paper, Preprint

Danielle Gonzalez, Andrew Popovich, and Mehdi Mirakhorli. “TestEX: A Search Tool for Finding and Retrieving Example Unit Tests from Open Source Projects." In Proceedings of the 2016 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), pp. 153-159. IEEE, 2016. Paper, Demo Video

Zogaan, Waleed, Ibrahim Mujhid, Joanna CS Santos, Danielle Gonzalez, and Mehdi Mirakhorli. “Automated training-set creation for software architecture traceability problem." Empirical Software Engineering 22, no. 3 (2017): 1028-1062. Paper