Security Responses in Software Development

Lopez, Tamara; Sharp, Helen; Thein, Tun; Bandara, Arosha; Levine, Mark and Nuseibeh, Bashar (2022). Security Responses in Software Development. ACM Transactions on Software Engineering and Methodology (Early Access).

DOI: https://doi.org/10.1145/3563211

Abstract

The pressure on software developers to produce secure software has never been greater. But what does security look like in environments that don’t produce security-critical software? In answer to this question, this multi-sited ethnographic study characterises security episodes and identifies five typical behaviors in software development. Using theory drawn from information security and motivation research in software engineering, this paper characterizes key ways in which individual developers form security responses to meet the demands of particular circumstances, providing a framework managers and teams can use to recognize, understand and alter security activity in their environments.

Viewing alternatives

Metrics

Item Actions

Export

You can export this page using these formats Digital Object Identifier - DOI

About

• Item ORO ID
• 85032
• Item Type
• Journal Item
• ISSN
• 1557-7392
• Project Funding Details

• Funded Project Name	Project ID	Funding Body
  STRIDE	EP/R013144/1	The Open University (OU)
  SAUSE	EP/T017465/1	The Open University (OU)
  NCSC	Not Set	Not Set
  SFI	13/RC/2094\_P2	Not Set

• Keywords
• Security; Developers; Software engineering; Human-centered computing; Privacy
• Academic Unit or School
• Faculty of Science, Technology, Engineering and Mathematics (STEM)
  Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
• Research Group
• Centre for Research in Computing (CRC)
• Copyright Holders
• © 2022 Association for Computing Machinery
• Depositing User
• Tamara Lopez