NERDS: A Non-invasive Environment for Remote Developer Studies

Abstract

Given the difficulties of secure development, studying software developers remains pivotal. However, conducting these studies remains a pain point for the security community as recruitment and retention can be incredibly difficult. In this work, we aim to make conducting security studies with software developers easier by building NERDS : a N on-invasive E nvironment for R emote D eveloper S tudies. NERDS allows for conducting remote studies while still providing researchers with a controlled environment. We describe our experiences building and deploying NERDS in two distinct secure software development studies. Our lessons learned can provide valuable insight to other researchers wanting to utilize NERDS . We provide NERDS as an open-source system.