SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software
LERSSE-RefConfPaper-2021-006
Azadeh Mokhberi ; Konstantin Beznosov
07 September 2021
Abstract: Despite all attempts to improve software security, vulnerabilities are still propagated within software. A growing body of research is looking into why developers are unable to develop secure software from the beginning. However, despite this attention, research efforts on developer challenges lack a coherent framework. We present a systematization of existing knowledge on the factors that make secure software development challenging for developers. We evaluated 126 papers to develop a framework of challenges that includes 17 areas of challenges in three dimensions of Human, Organizational, and Technological. These areas appear to influence each other directly and indirectly. Our work highlights the interplay of these areas and their consequences for secure software development. We discussed lessons learned from the framework, shed light on its role in assisting practitioners, and proposed directions for future research.
Keyword(s): SoK ; usable security ; software developers ; human challenges ; organizational challenges ; Technological challenges ; HCI
Published in: Azadeh Mokhberi, Konstantin Beznosov. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software. Proceedings of the ACM European Symposium on Usable Security (ACM EuroUSEC'21), 2021: