Secure Software Development Awareness: A Case Study of Undergraduate Developers

M. Mutanga
{"title":"Secure Software Development Awareness: A Case Study of Undergraduate Developers","authors":"M. Mutanga","doi":"10.46565/jreas.202273373-382","DOIUrl":null,"url":null,"abstract":"As ubiquitous computing becomes an increasingly inherent component of everyday life due to the rapid growth of communication technologies and globalization, threats against information systems have taken a more latent yet lethal dimension. This emergent digital security challenge has correspondingly motivated a proactive change in the software engineering process in recent decades. This change has inspired more intense research scrutiny on security as a crucial component of any software system. Moreover, in today’s virtual world of hyperconnectivity, the most significant vulnerabilities in modern information systems security are software centred. Nevertheless, research shows that software developers often lack the required knowledge and skills in secure software systems development (SSD). Such knowledge ensures that all the resultant software components of each development lifecycle are correctly implemented rather than merely following the SSD lifecycle. Also, the knowledge engenders software security consciousness as a professional attitude amongst developers. Therefore, investigating students’ awareness of SSD principles can generate insight into evolving the undergraduate software development curriculum – a path to building future career developers. The study used a voluntary online survey to recruit a sample of 76 undergraduate developers and employed a descriptive approach to data analysis. Among other findings, the study revealed that participants' perception of the threat of software vulnerability impacts their attitude towards security on online and mobile platforms. And that though over 90% of the undergraduate developers took software vulnerability threats either “serious” or “extremely serious”, this disposition did not reflect the depth of their knowledge and experience in SSD.","PeriodicalId":14343,"journal":{"name":"International Journal of Research in Engineering and Applied Sciences","volume":"16 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Research in Engineering and Applied Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46565/jreas.202273373-382","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

Abstract

As ubiquitous computing becomes an increasingly inherent component of everyday life due to the rapid growth of communication technologies and globalization, threats against information systems have taken a more latent yet lethal dimension. This emergent digital security challenge has correspondingly motivated a proactive change in the software engineering process in recent decades. This change has inspired more intense research scrutiny on security as a crucial component of any software system. Moreover, in today’s virtual world of hyperconnectivity, the most significant vulnerabilities in modern information systems security are software centred. Nevertheless, research shows that software developers often lack the required knowledge and skills in secure software systems development (SSD). Such knowledge ensures that all the resultant software components of each development lifecycle are correctly implemented rather than merely following the SSD lifecycle. Also, the knowledge engenders software security consciousness as a professional attitude amongst developers. Therefore, investigating students’ awareness of SSD principles can generate insight into evolving the undergraduate software development curriculum – a path to building future career developers. The study used a voluntary online survey to recruit a sample of 76 undergraduate developers and employed a descriptive approach to data analysis. Among other findings, the study revealed that participants' perception of the threat of software vulnerability impacts their attitude towards security on online and mobile platforms. And that though over 90% of the undergraduate developers took software vulnerability threats either “serious” or “extremely serious”, this disposition did not reflect the depth of their knowledge and experience in SSD.
安全软件开发意识:大学生开发人员的案例研究
由于通信技术和全球化的快速发展,无处不在的计算日益成为日常生活中固有的组成部分,对信息系统的威胁已经采取了更加潜在但致命的方面。近几十年来,这种新兴的数字安全挑战相应地激发了软件工程过程中的积极变化。这一变化激发了对作为任何软件系统的关键组成部分的安全性进行更深入的研究。此外,在当今超连接的虚拟世界中,现代信息系统安全中最重要的漏洞是以软件为中心的。然而,研究表明,软件开发人员往往缺乏安全软件系统开发(SSD)所需的知识和技能。这样的知识确保了每个开发生命周期的所有结果软件组件都被正确实现,而不仅仅是遵循SSD生命周期。此外,这些知识使软件安全意识成为开发人员的一种专业态度。因此,调查学生对固态硬盘原则的认识可以深入了解本科软件开发课程的发展,这是培养未来职业开发人员的一条途径。该研究采用了一项自愿在线调查,招募了76名本科开发人员,并采用描述性方法进行数据分析。在其他调查结果中,研究显示,参与者对软件漏洞威胁的看法影响了他们对在线和移动平台安全的态度。尽管90%以上的本科开发人员认为软件漏洞威胁“严重”或“极其严重”,但这种倾向并没有反映出他们在SSD方面的知识和经验的深度。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信