A survey on developer-centred security
Software developers are key players in the security ecosystem as they produce code that
runs on millions of devices. Yet we continue to see insecure code being developed and …
runs on millions of devices. Yet we continue to see insecure code being developed and …
Do you really code? designing and evaluating screening questions for online surveys with programmers
A Danilova, A Naiakshina… - 2021 IEEE/ACM 43rd …, 2021 - ieeexplore.ieee.org
Recruiting professional programmers in sufficient numbers for research studies can be
challenging because they often cannot spare the time, or due to their geographical …
challenging because they often cannot spare the time, or due to their geographical …
Recruiting participants with programming skills: A comparison of four crowdsourcing platforms and a CS student mailing list
Reliably recruiting participants with programming skills is an ongoing challenge for empirical
studies involving software development technologies, often leading to the use of …
studies involving software development technologies, often leading to the use of …
Benefits and drawbacks of adopting a secure programming language: Rust as a case study
Programming languages such as Rust and Go were developed to combat common and
potentially devastating memory safety-related vulnerabilities. But adoption of new, more …
potentially devastating memory safety-related vulnerabilities. But adoption of new, more …
A Narrative Review of Factors Affecting the Implementation of Privacy and Security Practices in Software Development
Privacy and security are complex topics, raising a variety of considerations and
requirements that can be challenging to implement in software development. Determining …
requirements that can be challenging to implement in software development. Determining …
[PDF][PDF] The cyber security body of knowledge
D Basin - University of Bristol, ch. Formal Methods for, 2021 - cybok.org
The CyBOK project would like to understand how the CyBOK is being used and its uptake.
The project would like organisations using, or intending to use, CyBOK for the purposes of …
The project would like organisations using, or intending to use, CyBOK for the purposes of …
How does usable security (not) end up in software products? results from a qualitative interview study
For software to be secure in practice, users need to be willing and able to appropriately use
security features. These features are usually implemented by software professionals during …
security features. These features are usually implemented by software professionals during …
Understanding security mistakes developers make: Qualitative analysis from build it, break it, fix it
Secure software development is a challenging task requiring consideration of many possible
threats and mitigations. This paper investigates how and why programmers, despite a …
threats and mitigations. This paper investigates how and why programmers, despite a …
On conducting security developer studies with cs students: Examining a password-storage study with cs students, freelancers, and company developers
A Naiakshina, A Danilova, E Gerlitz… - Proceedings of the 2020 …, 2020 - dl.acm.org
Ecological validity is a major concern in usable security studies with developers. Many
studies are conducted with computer science (CS) students out of convenience, since …
studies are conducted with computer science (CS) students out of convenience, since …
Security responses in software development
The pressure on software developers to produce secure software has never been greater.
But what does security look like in environments that do not produce security-critical …
But what does security look like in environments that do not produce security-critical …