Understanding the Usage of IT-Security Games in the Industry and Its Mapping to Job Profiles

Authors Tilman Dewes , Tiago Gasiba , Thomas Schreck



PDF
Thumbnail PDF

File

OASIcs.ICPEC.2022.3.pdf
  • Filesize: 0.67 MB
  • 12 pages

Document Identifiers

Author Details

Tilman Dewes
  • Siemens AG, München, Germany
Tiago Gasiba
  • Siemens AG, München, Germany
Thomas Schreck
  • Hochschule für angewandte Wissenschaften München, Germany

Cite AsGet BibTex

Tilman Dewes, Tiago Gasiba, and Thomas Schreck. Understanding the Usage of IT-Security Games in the Industry and Its Mapping to Job Profiles. In Third International Computer Programming Education Conference (ICPEC 2022). Open Access Series in Informatics (OASIcs), Volume 102, pp. 3:1-3:12, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)
https://doi.org/10.4230/OASIcs.ICPEC.2022.3

Abstract

Due to the increasing dependency on IT systems in both the private and industrial sectors, IT security training is becoming increasingly important. One way to teach IT security topics is through serious games, which besides being fun to play, impart knowledge on certain topics. As these games are more and more used in the industrial environment, this paper aims to develop a mapping between industrial roles and the games to show which game fits how well for the training of an industrial role. In doing so, an evaluation of the games was established that allows for comparability across the different roles. Thus, the research question which serious games is suitable for which industrial role could be addressed. Further results of the work are an ontology, which contains the essential characteristics of serious games for this work, a collection of industrial roles with their required IT-skills and a collection of serious games with an evaluation of the level of support of IT-skills.

Subject Classification

ACM Subject Classification
  • Applied computing → Learning management systems
  • Security and privacy → Software security engineering
  • Applied computing → Distance learning
  • Applied computing → E-learning
Keywords
  • Serious Games
  • IT-Security
  • Industrial Roles
  • Mapping
  • Ontology

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads

References

  1. Kristian Beckers and Sebastian Pape. A Serious Game for Eliciting Social Engineering Security Requirements. In 2016 IEEE 24th International Requirements Engineering Conference (RE), pages 16-25, 2016. URL: https://doi.org/10.1109/RE.2016.39.
  2. Bundesamt für Sicherheit in der Informationstechnik. Die Lage der IT-Sicherheit in Deutschland 2021. BSI, 2021. Google Scholar
  3. Polona Caserman, Katrin Hoffmann, Philipp Müller, Marcel Schaub, Katharina Straßburg, Josef Wiemeyer, Regina Bruder, and Stefan Göbel. Quality criteria for serious games: Serious part, game part, and balance. JMIR Serious Games, 8(3):e19037, July 2020. URL: https://doi.org/10.2196/19037.
  4. Ralf Dörner, Stefan Göbel, Wolfgang Effelsberg, and Josef Wiemeyer. Serious Games: Foundations, Concepts and Practice. Springer International Publishing, 1. Ed, Switzerland, 2016. URL: https://doi.org/10.1007/978-3-319-40612-1.
  5. Tiago Espinha Gasiba, Kristian Beckers, Santiago Suppan, and Filip Rezabek. On the Requirements for Serious Games Geared Towards Software Developers in the Industry. In 2019 IEEE 27th International Requirements Engineering Conference (RE), pages 286-296, 2019. URL: https://doi.org/10.1109/RE.2019.00038.
  6. Tiago Gasiba, Ulrike Lechner, and Maria Pinto-Albuquerque. CyberSecurity Challenges for Software Developer Awareness Training in Industrial Environments. In International Conference on Wirtschaftsinformatik, pages 370-387. Springer, 2021. Google Scholar
  7. Maurice Hendrix, Ali Al-Sherbaz, and Victoria Bloom. Game Based Cyber Security Training: are Serious Games suitable for cyber security training? International Journal of Serious Games, 3, March 2016. URL: https://doi.org/10.17083/ijsg.v3i1.107.
  8. Hill Jr, Mesafint Fanuel, Xiaohong Yuan, Jinghua Zhang, and Sajad Sajad. A Survey of Serious Games for Cybersecurity Education and Training. KSU Conference on Cybersecurity Education, Research and Practice, October 2020. Google Scholar
  9. Menelaos Katsantonis, Isabella Kotini, Panayotis Fouliras, and Ioannis Mavridis. Conceptual Framework for Developing Cyber Security Serious Games. In 2019 IEEE Global Engineering Education Conference (EDUCON), pages 872-881, April 2019. URL: https://doi.org/10.1109/EDUCON.2019.8725061.
  10. Lin Liu, Affan Yasin Chouhan, Tong Li, Rubia Fatima, and Jianmin Wang. Improving Software Security Awareness Using A Serious Game. IET Software, 13, July 2018. URL: https://doi.org/10.1049/iet-sen.2018.5095.
  11. Natalia. Noy and Deborah Mcguinness. Ontology Development 101: A Guide to Creating Your First Ontology. Knowledge Systems Laboratory, 32, January 2001. Google Scholar
  12. José Carlos Paiva, José Paulo Leal, and Álvaro Figueira. Automated Assessment in Computer Science Education: A State-of-the-Art Review. ACM Trans. Comput. Educ., January 2022. Just Accepted. URL: https://doi.org/10.1145/3513140.
  13. Adam Shostack. Threat Modeling Expertise, Training, Coaching, July 2022. URL: https://shostack.org/.
  14. Stephen Tang and Martin Hanneghan. Game Content Model: An Ontology for Documenting Serious Game Design. In 2011 Developments in E-systems Engineering, pages 431-436, 2011. URL: https://doi.org/10.1109/DeSE.2011.68.
  15. Valdemar Švábenský, Jan Vykopal, Milan Cermak, and Martin Laštovička. Enhancing Cybersecurity Skills by Creating Serious Games. In Proceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education, ITiCSE 2018, pages 194-199, New York, NY, USA, 2018. Association for Computing Machinery. URL: https://doi.org/10.1145/3197091.3197123.
  16. Tiange Zhao, Tiago Espinha Gasiba, Ulrike Lechner, and Maria Pinto-Albuquerque. Exploring a Board Game to Improve Cloud Security Training in Industry (Short Paper). In ICPEC, 2021. Google Scholar
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail