Learning secure programming in open source software communities: a socio-technical view

Proceedings of the 6th International Conference on Information and Education Technology Pub Date : 2018-01-06 DOI:10.1145/3178158.3178202

Shao-Fang Wen

{"title":"Learning secure programming in open source software communities: a socio-technical view","authors":"Shao-Fang Wen","doi":"10.1145/3178158.3178202","DOIUrl":null,"url":null,"abstract":"In open source software (OSS) communities, volunteers collaborate and integrate expertise to develop the software online via the Internet in a decentralized, highly interactive and knowledge-intensive process. Development of qualified and secured software products relies mainly on the ability of OSS participants to acquire, refine and use new aspects of secure programming knowledge. Many OSS proponents believe that the open source innovation offers significant learning opportunities from its best practices. However, studies that specifically explore learning of software security in the context of open source development are scarce. This paper aims to empirically assess present knowledge sharing and learning about secure programming knowledge in the context of OSS communities utilized a socio-technical approach on OSS projects based on an ethnographic observation. Our motivation is not only to evaluate the knowledge sharing and learning mechanisms and the extent to which they may be viable and successful but also to gain insight into the security culture and project factors that affect learning processes of secure programming in OSS communities.","PeriodicalId":213847,"journal":{"name":"Proceedings of the 6th International Conference on Information and Education Technology","volume":"101 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 6th International Conference on Information and Education Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3178158.3178202","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

Abstract

In open source software (OSS) communities, volunteers collaborate and integrate expertise to develop the software online via the Internet in a decentralized, highly interactive and knowledge-intensive process. Development of qualified and secured software products relies mainly on the ability of OSS participants to acquire, refine and use new aspects of secure programming knowledge. Many OSS proponents believe that the open source innovation offers significant learning opportunities from its best practices. However, studies that specifically explore learning of software security in the context of open source development are scarce. This paper aims to empirically assess present knowledge sharing and learning about secure programming knowledge in the context of OSS communities utilized a socio-technical approach on OSS projects based on an ethnographic observation. Our motivation is not only to evaluate the knowledge sharing and learning mechanisms and the extent to which they may be viable and successful but also to gain insight into the security culture and project factors that affect learning processes of secure programming in OSS communities.

查看原文本刊更多论文

在开源软件社区学习安全编程:社会技术观点

在开源软件(OSS)社区中，志愿者通过分散的、高度互动的和知识密集型的过程，通过互联网协作并整合专业知识来在线开发软件。合格且安全的软件产品的开发主要依赖于OSS参与者获取、改进和使用安全编程知识的新方面的能力。许多OSS支持者认为，开源创新提供了从其最佳实践中学习的重要机会。然而，专门探讨开源开发背景下软件安全学习的研究很少。本文旨在根据民族志观察，利用OSS项目的社会技术方法，对OSS社区背景下的当前知识共享和安全编程知识的学习进行经验评估。我们的动机不仅是评估知识共享和学习机制，以及它们可能可行和成功的程度，而且是为了深入了解影响OSS社区中安全编程学习过程的安全文化和项目因素。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 6th International Conference on Information and Education Technology

自引率

0.00%

发文量