Security Thinking in Online Freelance Software Development

Rauf, Irum; Petre, Marian; Tun, Thein; Lopez, Tamara and Nuseibeh, Bashar (2023). Security Thinking in Online Freelance Software Development. In: IEEE/ACM 45th International Conference on Software Engineering: Software Engineering in Society (ICSE-SEIS), 14-20 May 2023, Melbourne, Australia.

URL: https://conf.researchr.org/home/icse-2023

Abstract

Online freelance software development (OFSD) is a significant part of the software industry and is a thriving online economy; a recent survey by Stack Overflow reported that nearly 15\% are independent contractors, freelancers, or self-employed. Although security is an important quality requirement for the social sustainability of software, existing studies have shown differences in the way security issues are handled by developers working in OFSD compared to those working in organisational environments.
This paper investigates the security culture of OFSD developers, and identifies significant themes in how security is conceived, practiced, and compensated. Based on in-depth interviews with 20 freelance (FL) developers, we report that (a) security thinking is evident in descriptions of their work, (b) security thinking manifests in different ways within OFSD practice, and (c) the dynamics of the freelance development ecosystem influence financial investment in secure development.
Our findings help to understand the reasons why insecure software development is evident in freelance development, and they contribute toward developing security interventions that are tailored to the needs of freelance software developers.

Viewing alternatives

Look up in Google Scholar

Download history

Item Actions

Export

About

CORE (COnnecting REpositories)

Recommendations