Home > Research > Publications & Outputs > An anatomy of security conversations in stack o...

Associated organisational unit

Text available via DOI:

View graph of relations

An anatomy of security conversations in stack overflow

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published
  • Tamara Lopez
  • Thein Tun
  • Arosha Bandara
  • Levine Mark
  • Bashar Nuseibeh
  • Helen Sharp
Close
Publication date15/08/2019
Host publicationProceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages31-40
Number of pages10
ISBN (electronic)9781728117621
<mark>Original language</mark>English
Event41st IEEE/ACM International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2019 - Montreal, Canada
Duration: 25/05/201931/05/2019

Conference

Conference41st IEEE/ACM International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2019
Country/TerritoryCanada
CityMontreal
Period25/05/1931/05/19

Publication series

NameProceedings - 2019 IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2019

Conference

Conference41st IEEE/ACM International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2019
Country/TerritoryCanada
CityMontreal
Period25/05/1931/05/19

Abstract

As software-intensive digital systems become an integral part of modern life, ensuring that these systems are developed to satisfy security and privacy requirements is an increasingly important societal concern. This paper examines how secure coding practice is supported on Stack Overflow. Although there are indications that on-line environments are not robust or accurate sources of security information, they are used by large numbers of developers. Findings demonstrate that developers use conversation within the site to actively connect with and tend to security problems, fostering knowledge, exchanging information and providing assistance to one another.

Bibliographic note

Funding Information: Supported by the National Cyber Security Centre (NCSC). Nuseibeh thanks SFI, EPSRC and ERC for financial support. Publisher Copyright: © 2019 IEEE.