Nudging Software Developers Toward Secure Code

被引:4
|
作者
Fischer, Felix [1 ]
Grossklags, Jens [2 ]
机构
[1] Tech Univ Munich, D-80333 Munich, Germany
[2] Tech Univ Munich, Dept Informat, D-80333 Munich, Germany
来源
IEEE SECURITY & PRIVACY | 2022年 / 20卷 / 02期
关键词
D O I
10.1109/MSEC.2022.3142337
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The prevalence of insecure code is one of the main challenges security experts are trying to solve. We study behavioral patterns among developers which largely contribute to insecure software-googling and reusing code from the Web-and apply nudge theory to harness these behaviors and help developers write more secure code.
引用
收藏
页码:76 / 79
页数:4
相关论文
共 50 条
  • [21] An empirical study on the influence of developers' experience on software test code quality
    Campos, Denivan
    Martins, Luana
    Machado, Ivan
    ACM International Conference Proceeding Series, 2022,
  • [22] Toward a readiness model for secure software coding
    Humayun, Mamoona
    Niazi, Mahmood
    Jhanjhi, Noor Zaman
    Mahmood, Sajjad
    Alshayeb, Mohammad
    SOFTWARE-PRACTICE & EXPERIENCE, 2023, 53 (04): : 1013 - 1035
  • [23] Copyrights Expression and Secure Container of Software Source Code
    Cha, ByungRae
    Park, Sun
    NCM 2008: 4TH INTERNATIONAL CONFERENCE ON NETWORKED COMPUTING AND ADVANCED INFORMATION MANAGEMENT, VOL 2, PROCEEDINGS, 2008, : 325 - 332
  • [24] SoK: Human, Organizational, and Technological Dimensions of Developers' Challenges in Engineering Secure Software
    Mokhberi, Azadeh
    Beznosov, Konstantin
    PROCEEDINGS OF THE 2021 EUROPEAN SYMPOSIUM ON USABLE SECURITY, EUROUSEC 2021, 2021, : 59 - 75
  • [25] Interviews and Observation of Blind Software Developers at Work to Understand Code Navigation Challenges
    Albusays, Khaled
    Ludi, Stephanie
    Huenerfauth, Matt
    PROCEEDINGS OF THE 19TH INTERNATIONAL ACM SIGACCESS CONFERENCE ON COMPUTERS AND ACCESSIBILITY (ASSETS'17), 2017, : 91 - 100
  • [26] Toward Multiconcern Software Development With Everything as Code
    Stirbu, Vlad
    Raatikainen, Mikko
    Rontynen, Joel
    Sokolov, Vlas
    Lehtonen, Timo
    Mikkonen, Tommi
    IEEE SOFTWARE, 2022, 39 (04) : 27 - 33
  • [27] Toward Successful Secure Software Deployment: An Empirical Study
    Alghamdi, Azzah A.
    Mahmood, Niazi
    27TH INTERNATIONAL CONFERENCE ON EVALUATION AND ASSESSMENT IN SOFTWARE ENGINEERING, EASE 2023, 2023, : 487 - 492
  • [28] Toward effective adoption of secure software development practices
    Al-Amin, Shams
    Ajmeri, Nirav
    Du, Hongying
    Berglund, Emily Z.
    Singh, Munindar P.
    SIMULATION MODELLING PRACTICE AND THEORY, 2018, 85 : 33 - 46
  • [29] Aligning XAI explanations with software developers' expectations: A case study with code smell prioritization
    Huang, Zijie
    Yu, Huiqun
    Fan, Guisheng
    Shao, Zhiqing
    Li, Mingchen
    Liang, Yuguo
    EXPERT SYSTEMS WITH APPLICATIONS, 2024, 238
  • [30] What Motivate Software Engineers to Refactor Source Code? Evidences from Professional Developers
    Wang, Yi
    2009 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE, CONFERENCE PROCEEDINGS, 2009, : 413 - 416
12345