Security Responses in Software Development

Lopez, Tamara and Sharp, Helen and Tun, Thein and Bandara, Arosha and Levine, Mark and Nuseibeh, Bashar (2023) Security Responses in Software Development. ACM Transactions on Software Engineering and Methodology, 32 (3): 64. pp. 1-29. ISSN 1049-331X

[thumbnail of TOSEM-2021-0135.FinalSubmission]

Text (TOSEM-2021-0135.FinalSubmission)
TOSEM_2021_0135.FinalSubmission.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (3MB)

Abstract

The pressure on software developers to produce secure software has never been greater. But what does security look like in environments that do not produce security-critical software? In answer to this question, this multi-sited ethnographic study characterizes security episodes and identifies five typical behaviors in software development. Using theory drawn from information security and motivation research in software engineering, this article characterizes key ways in which individual developers form security responses to meet the demands of particular circumstances, providing a framework managers and teams can use to recognize, understand, and alter security activity in their environments.

Item Type:

Journal Article

Journal or Publication Title:

ACM Transactions on Software Engineering and Methodology

Uncontrolled Keywords:

Data Sharing Template/no

Subjects:

?? software engineeringsecuritydevelopersnosoftware ??

Departments:

Faculty of Science and Technology > Psychology

ID Code:

178578

Deposited By:

ep_importer_pure

Deposited On:

03 Nov 2022 16:45

Refereed?:

Yes

Published?:

Published

Last Modified:

31 Oct 2024 01:16

URI:

https://eprints.lancs.ac.uk/id/eprint/178578