DROPS

Document

DOI: 10.4230/OASIcs.ICPEC.2020.11

Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry

Authors: Tiago Gasiba, Ulrike Lechner, Jorge Cuellar, and Alae Zouitni

Published in: OASIcs, Volume 81, First International Computer Programming Education Conference (ICPEC 2020)

Abstract

Secure coding guidelines are essential material used to train and raise awareness of software developers on the topic of secure software development. In industrial environments, since developer time is costly, and training and education is part of non-productive hours, it is important to address and stress the most important topics first. In this work, we devise a method, based on publicly available real-world vulnerability databases and secure coding guideline databases, to rank important secure coding guidelines based on defined industry-relevant metrics. The goal is to define priorities for a teaching curriculum on raising cybersecurity awareness of software developers on secure coding guidelines. Furthermore, we do a small comparison study by asking computer science students from university on how they rank the importance of secure coding guidelines and compare the outcome to our results.

Cite as

Tiago Gasiba, Ulrike Lechner, Jorge Cuellar, and Alae Zouitni. Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry. In First International Computer Programming Education Conference (ICPEC 2020). Open Access Series in Informatics (OASIcs), Volume 81, pp. 11:1-11:11, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2020)

Copy BibTex To Clipboard

@InProceedings{gasiba_et_al:OASIcs.ICPEC.2020.11,
  author =	{Gasiba, Tiago and Lechner, Ulrike and Cuellar, Jorge and Zouitni, Alae},
  title =	{{Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry}},
  booktitle =	{First International Computer Programming Education Conference (ICPEC 2020)},
  pages =	{11:1--11:11},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-153-5},
  ISSN =	{2190-6807},
  year =	{2020},
  volume =	{81},
  editor =	{Queir\'{o}s, Ricardo and Portela, Filipe and Pinto, M\'{a}rio and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/OASIcs.ICPEC.2020.11},
  URN =		{urn:nbn:de:0030-drops-122988},
  doi =		{10.4230/OASIcs.ICPEC.2020.11},
  annote =	{Keywords: education, teaching, training, secure coding, industry, cybersecurity, capture-the-flag, game analysis, game design, cybersecurity challenge}
}

@InProceedings{gasiba_et_al:OASIcs.ICPEC.2020.11,
  author =	{Gasiba, Tiago and Lechner, Ulrike and Cuellar, Jorge and Zouitni, Alae},
  title =	{{Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry}},
  booktitle =	{First International Computer Programming Education Conference (ICPEC 2020)},
  pages =	{11:1--11:11},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-153-5},
  ISSN =	{2190-6807},
  year =	{2020},
  volume =	{81},
  editor =	{Queir\'{o}s, Ricardo and Portela, Filipe and Pinto, M\'{a}rio and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/OASIcs.ICPEC.2020.11},
  URN =		{urn:nbn:de:0030-drops-122988},
  doi =		{10.4230/OASIcs.ICPEC.2020.11},
  annote =	{Keywords: education, teaching, training, secure coding, industry, cybersecurity, capture-the-flag, game analysis, game design, cybersecurity challenge}
}

Search Results

Documents authored by Zouitni, Alae

Ranking Secure Coding Guidelines for Software Developer Awareness Training in the Industry

Abstract

Cite as

Thanks for your feedback!

Could not send message