Standard
Influences of developers' perspectives on their engagement with security in code. / Rauf, Irum; Lopez, Tamara; Sharp, Helen et al.
CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering. New York: Association for Computing Machinery, Inc, 2022. p. 86-95 (Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022).
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Harvard
Rauf, I, Lopez, T, Sharp, H, Petre, M, Tun, TT
, Levine, M, Towse, J, van der Linden, D, Rashid, A & Nuseibeh, B 2022,
Influences of developers' perspectives on their engagement with security in code. in
CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering. Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022, Association for Computing Machinery, Inc, New York, pp. 86-95.
https://doi.org/10.1145/3528579.3529180APA
Rauf, I., Lopez, T., Sharp, H., Petre, M., Tun, T. T.
, Levine, M., Towse, J., van der Linden, D., Rashid, A., & Nuseibeh, B. (2022).
Influences of developers' perspectives on their engagement with security in code. In
CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering (pp. 86-95). (Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022). Association for Computing Machinery, Inc.
https://doi.org/10.1145/3528579.3529180Vancouver
Rauf I, Lopez T, Sharp H, Petre M, Tun TT
, Levine M et al.
Influences of developers' perspectives on their engagement with security in code. In CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering. New York: Association for Computing Machinery, Inc. 2022. p. 86-95. (Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022). Epub 2022 May 21. doi: 10.1145/3528579.3529180
Author
Rauf, Irum ; Lopez, Tamara ; Sharp, Helen et al. /
Influences of developers' perspectives on their engagement with security in code. CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering. New York : Association for Computing Machinery, Inc, 2022. pp. 86-95 (Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022).
Bibtex
@inproceedings{29929728b77d412bbc9615029ca906db,
title = "Influences of developers' perspectives on their engagement with security in code",
abstract = "Background: Recent studies show that secure coding is about not only technical requirements but also developers{\textquoteright} behaviour.Objective: To understand the influence of socio-technical contexts on how developers attend to and engage with security in code, software engineering researchers collaborated with social psychologists on a psychologically-informed study.Method: In a preregistered, between-group, controlled experiment, 124 developers from multiple freelance communities, were primed toward one of three identities, following which they completed code review tasks with open-ended responses. Qualitative analysis of the rich data focused on the attitudes and reasoning that shaped their identification of security issues within code.Results: Overall, attention to code security was intermittent and heterogeneous in focus. Although social identity priming did not significantly change the code review, qualitative analysis revealed that developers varied in how they noticed issues in code, how they addressed them, and how they justified their choices.Conclusion: We found that many developers do think about security – but differently from one another. Hence, effective interventions to promote secure coding must be appropriate to the individual development context. Data is uploaded at: https://osf.io/3jvrk/files/",
author = "Irum Rauf and Tamara Lopez and Helen Sharp and Marian Petre and Tun, {Thein T.} and Mark Levine and John Towse and {van der Linden}, Dirk and Awais Rashid and Bashar Nuseibeh",
note = "{\textcopyright} ACM, 2022. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in CHASE 2022 http://doi.acm.org/10.1145/3528579.3529180",
year = "2022",
month = jul,
day = "19",
doi = "10.1145/3528579.3529180",
language = "English",
series = "Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022",
publisher = "Association for Computing Machinery, Inc",
pages = "86--95",
booktitle = "CHASE '22",
}
RIS
TY - GEN
T1 - Influences of developers' perspectives on their engagement with security in code
AU - Rauf, Irum
AU - Lopez, Tamara
AU - Sharp, Helen
AU - Petre, Marian
AU - Tun, Thein T.
AU - Levine, Mark
AU - Towse, John
AU - van der Linden, Dirk
AU - Rashid, Awais
AU - Nuseibeh, Bashar
N1 - © ACM, 2022. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in CHASE 2022 http://doi.acm.org/10.1145/3528579.3529180
PY - 2022/7/19
Y1 - 2022/7/19
N2 - Background: Recent studies show that secure coding is about not only technical requirements but also developers’ behaviour.Objective: To understand the influence of socio-technical contexts on how developers attend to and engage with security in code, software engineering researchers collaborated with social psychologists on a psychologically-informed study.Method: In a preregistered, between-group, controlled experiment, 124 developers from multiple freelance communities, were primed toward one of three identities, following which they completed code review tasks with open-ended responses. Qualitative analysis of the rich data focused on the attitudes and reasoning that shaped their identification of security issues within code.Results: Overall, attention to code security was intermittent and heterogeneous in focus. Although social identity priming did not significantly change the code review, qualitative analysis revealed that developers varied in how they noticed issues in code, how they addressed them, and how they justified their choices.Conclusion: We found that many developers do think about security – but differently from one another. Hence, effective interventions to promote secure coding must be appropriate to the individual development context. Data is uploaded at: https://osf.io/3jvrk/files/
AB - Background: Recent studies show that secure coding is about not only technical requirements but also developers’ behaviour.Objective: To understand the influence of socio-technical contexts on how developers attend to and engage with security in code, software engineering researchers collaborated with social psychologists on a psychologically-informed study.Method: In a preregistered, between-group, controlled experiment, 124 developers from multiple freelance communities, were primed toward one of three identities, following which they completed code review tasks with open-ended responses. Qualitative analysis of the rich data focused on the attitudes and reasoning that shaped their identification of security issues within code.Results: Overall, attention to code security was intermittent and heterogeneous in focus. Although social identity priming did not significantly change the code review, qualitative analysis revealed that developers varied in how they noticed issues in code, how they addressed them, and how they justified their choices.Conclusion: We found that many developers do think about security – but differently from one another. Hence, effective interventions to promote secure coding must be appropriate to the individual development context. Data is uploaded at: https://osf.io/3jvrk/files/
U2 - 10.1145/3528579.3529180
DO - 10.1145/3528579.3529180
M3 - Conference contribution/Paper
T3 - Proceedings - 15th International Conference on Cooperative and Human Aspects of Software Engineering, CHASE 2022
SP - 86
EP - 95
BT - CHASE '22
PB - Association for Computing Machinery, Inc
CY - New York
ER -
