Light-touch Interventions to Improve Software Development Security

Weir, Charles Alexander Forbes and Blair, Lynne and Becker, Ingolf and Sasse, Angela and Noble, James (2018) Light-touch Interventions to Improve Software Development Security. In: Proceedings of the IEEE Cybersecurity Development Conference 2018 :. IEEE.

Preview

PDF (Light-Touch Interventions to Improve Software Development Security)
WeirSecDev2018.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (568kB)

Abstract

Many software developers still have little interest in software security. To change this, we need ‘interventions’ to development teams to motivate and help them towards security improvement. An intervention costing less than two days’ effort from a facilitator plus half a day of team effort can significantly improve that team’s software security. This case study describes how this approach was used with one commercial team, and identifies its impact using Participative Action Research. With suitable improvements, the approach has the potential to help many other development teams.

Item Type:

Contribution in Book/Report/Proceedings

Additional Information:

©2018 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Uncontrolled Keywords:

/dk/atira/pure/subjectarea/asjc/1700/1712

Subjects:

?? developer centered securitycase studysoftware securitysoftware developerinterventionaction researchsoftware ??

Departments:

Faculty of Science and Technology > School of Computing & Communications

ID Code:

129066

Deposited By:

ep_importer_pure

Deposited On:

22 Nov 2018 14:28

Refereed?:

Yes

Published?:

Published

Last Modified:

20 Sep 2024 00:07

URI:

https://eprints.lancs.ac.uk/id/eprint/129066