Final published version, 650 KB, PDF document
Available under license: CC BY: Creative Commons Attribution 4.0 International License
Final published version
Licence: CC BY: Creative Commons Attribution 4.0 International License
Final published version
Licence: CC BY: Creative Commons Attribution 4.0 International License
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - A Review of How Whistleblowing is Studied in Software Engineering, and the Implications for Research and Practice
AU - Hunt, Lucy
AU - Ferrario, Maria
PY - 2022/6/20
Y1 - 2022/6/20
N2 - Harmful software has resulted in loss of life, societal and environmental damage alongside economic losses from fines and sales embargoes. When someone perceives their team or organisation is creating or operating harmful software (e.g., defective, vulnerable, malicious or illegal), one way to attempt to change the situation is to "blow the whistle" and disclose the situation internally or externally. Studying harmful situations and the effectiveness of interventions, up to and including whistleblowing, can help identify technical and human successes and failings in software engineering (SE).The aim of this paper is to explore the extent to which whistleblowing is studied in SE with the objective of identifying themes, research approaches, gaps and concerns, and the implications for future SE research and practice. We find that whistleblowing is an under-explored area of SE research, and where research exists, it often takes the view that reporting harm is a matter of individual moral responsibility; we argue this poorly reflects SE collaborative practice where professional responsibilities are distributed across the software development lifecycle. We conclude by 1) recommending approaches that can help a more timely identification and mitigation of harm in SE; 2) suggesting mechanisms for improving the effectiveness and the personal safety of harm-reporting in SE, and 3) reflecting on the role that professional bodies can have in supporting harm reporting, up to and including whistleblowing.
AB - Harmful software has resulted in loss of life, societal and environmental damage alongside economic losses from fines and sales embargoes. When someone perceives their team or organisation is creating or operating harmful software (e.g., defective, vulnerable, malicious or illegal), one way to attempt to change the situation is to "blow the whistle" and disclose the situation internally or externally. Studying harmful situations and the effectiveness of interventions, up to and including whistleblowing, can help identify technical and human successes and failings in software engineering (SE).The aim of this paper is to explore the extent to which whistleblowing is studied in SE with the objective of identifying themes, research approaches, gaps and concerns, and the implications for future SE research and practice. We find that whistleblowing is an under-explored area of SE research, and where research exists, it often takes the view that reporting harm is a matter of individual moral responsibility; we argue this poorly reflects SE collaborative practice where professional responsibilities are distributed across the software development lifecycle. We conclude by 1) recommending approaches that can help a more timely identification and mitigation of harm in SE; 2) suggesting mechanisms for improving the effectiveness and the personal safety of harm-reporting in SE, and 3) reflecting on the role that professional bodies can have in supporting harm reporting, up to and including whistleblowing.
U2 - 10.1109/ICSE-SEIS55304.2022.9793939
DO - 10.1109/ICSE-SEIS55304.2022.9793939
M3 - Conference contribution/Paper
SN - 9781665495950
SP - 12
EP - 23
BT - 2022 IEEE/ACM 44th International Conference on Software Engineering: Software Engineering in Society (ICSE-SEIS)
PB - IEEE/ACM
ER -