2 Search Results for "Cuellar, Jorge"

Document
DOI: 10.4230/OASIcs.ICPEC.2020.10
Cybersecurity Games for Secure Programming Education in the Industry: Gameplay Analysis

Authors: Tiago Gasiba, Ulrike Lechner, Filip Rezabek, and Maria Pinto-Albuquerque

Published in: OASIcs, Volume 81, First International Computer Programming Education Conference (ICPEC 2020)

Abstract
To minimize the possibility of introducing vulnerabilities in source code, software developers may attend security awareness and secure coding training. From the various approaches of how to raise awareness and adherence to coding standards, one promising novel approach is Cybersecurity Challenges. However, in an industrial setting, time is a precious resource, and, therefore, one needs to understand how to optimize the gaming experience of Cybersecurity Challenges and the effect of this game on secure coding skills. This work identifies the time spent solving challenges of different categories, analyzes gaming strategies in terms of a slow and fast team profile, and relates these profiles to the game success. First results indicate that the slow strategy is more successful than the fast approach. The authors also analyze the possible implications in the design and the training of secure coding in an industrial setting by means of Cybersecurity Challenges. This work concludes with a brief overview of its limitations and next steps in the study.
Cite as

Tiago Gasiba, Ulrike Lechner, Filip Rezabek, and Maria Pinto-Albuquerque. Cybersecurity Games for Secure Programming Education in the Industry: Gameplay Analysis. In First International Computer Programming Education Conference (ICPEC 2020). Open Access Series in Informatics (OASIcs), Volume 81, pp. 10:1-10:11, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2020)

Copy BibTex To Clipboard

@InProceedings{gasiba_et_al:OASIcs.ICPEC.2020.10,
  author =	{Gasiba, Tiago and Lechner, Ulrike and Rezabek, Filip and Pinto-Albuquerque, Maria},
  title =	{{Cybersecurity Games for Secure Programming Education in the Industry: Gameplay Analysis}},
  booktitle =	{First International Computer Programming Education Conference (ICPEC 2020)},
  pages =	{10:1--10:11},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-153-5},
  ISSN =	{2190-6807},
  year =	{2020},
  volume =	{81},
  editor =	{Queir\'{o}s, Ricardo and Portela, Filipe and Pinto, M\'{a}rio and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/OASIcs.ICPEC.2020.10},
  URN =		{urn:nbn:de:0030-drops-122977},
  doi =		{10.4230/OASIcs.ICPEC.2020.10},
  annote =	{Keywords: education, training, secure coding, industry, cybersecurity, capture-the-flag, game analysis, cybersecurity challenge}
}
Document
DOI: 10.4230/OASIcs.ICPEC.2020.11
Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry

Authors: Tiago Gasiba, Ulrike Lechner, Jorge Cuellar, and Alae Zouitni

Published in: OASIcs, Volume 81, First International Computer Programming Education Conference (ICPEC 2020)

Abstract
Secure coding guidelines are essential material used to train and raise awareness of software developers on the topic of secure software development. In industrial environments, since developer time is costly, and training and education is part of non-productive hours, it is important to address and stress the most important topics first. In this work, we devise a method, based on publicly available real-world vulnerability databases and secure coding guideline databases, to rank important secure coding guidelines based on defined industry-relevant metrics. The goal is to define priorities for a teaching curriculum on raising cybersecurity awareness of software developers on secure coding guidelines. Furthermore, we do a small comparison study by asking computer science students from university on how they rank the importance of secure coding guidelines and compare the outcome to our results.
Cite as

Tiago Gasiba, Ulrike Lechner, Jorge Cuellar, and Alae Zouitni. Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry. In First International Computer Programming Education Conference (ICPEC 2020). Open Access Series in Informatics (OASIcs), Volume 81, pp. 11:1-11:11, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2020)

Copy BibTex To Clipboard

@InProceedings{gasiba_et_al:OASIcs.ICPEC.2020.11,
  author =	{Gasiba, Tiago and Lechner, Ulrike and Cuellar, Jorge and Zouitni, Alae},
  title =	{{Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry}},
  booktitle =	{First International Computer Programming Education Conference (ICPEC 2020)},
  pages =	{11:1--11:11},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-153-5},
  ISSN =	{2190-6807},
  year =	{2020},
  volume =	{81},
  editor =	{Queir\'{o}s, Ricardo and Portela, Filipe and Pinto, M\'{a}rio and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/OASIcs.ICPEC.2020.11},
  URN =		{urn:nbn:de:0030-drops-122988},
  doi =		{10.4230/OASIcs.ICPEC.2020.11},
  annote =	{Keywords: education, teaching, training, secure coding, industry, cybersecurity, capture-the-flag, game analysis, game design, cybersecurity challenge}
}
  • Refine by Author
  • 2 Gasiba, Tiago
  • 2 Lechner, Ulrike
  • 1 Cuellar, Jorge
  • 1 Pinto-Albuquerque, Maria
  • 1 Rezabek, Filip
  • Show More...

  • Refine by Classification
  • 2 Applied computing → E-learning
  • 2 Applied computing → Interactive learning environments
  • 2 Security and privacy → Software security engineering
  • 2 Security and privacy → Web application security

  • Refine by Keyword
  • 2 capture-the-flag
  • 2 cybersecurity
  • 2 cybersecurity challenge
  • 2 education
  • 2 game analysis
  • Show More...

  • Refine by Type
  • 2 document

  • Refine by Publication Year
  • 2 2020

Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2024 Schloss Dagstuhl – LZI GmbH Imprint Privacy Contact