LERSSE-RefConfPaper-2021-006

SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software

Azadeh Mokhberi ; Konstantin Beznosov

07 September 2021

Abstract: Despite all attempts to improve software security, vulnerabilities are still propagated within software. A growing body of research is looking into why developers are unable to develop secure software from the beginning. However, despite this attention, research efforts on developer challenges lack a coherent framework. We present a systematization of existing knowledge on the factors that make secure software development challenging for developers. We evaluated 126 papers to develop a framework of challenges that includes 17 areas of challenges in three dimensions of Human, Organizational, and Technological. These areas appear to influence each other directly and indirectly. Our work highlights the interplay of these areas and their consequences for secure software development. We discussed lessons learned from the framework, shed light on its role in assisting practitioners, and proposed directions for future research.

Keyword(s): SoK ; usable security ; software developers ; human challenges ; organizational challenges ; technological challenges ; HCI

Published in: Azadeh Mokhberi, Konstantin Beznosov. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software. Proceedings of the ACM European Symposium on Usable Security (ACM EuroUSEC'21), 2021:

The record appears in these collections:
Refereed Conference Papers
Usable Security

 Record created 2021-09-07, last modified 2021-09-30

