000000342 001__ 342
000000342 005__ 20210930154831.0
000000342 037__ $$aLERSSE-RefConfPaper-2021-006
000000342 100__ $$aAzadeh Mokhberi
000000342 245__ $$aSoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software
000000342 260__ $$c2021-09-07
000000342 300__ $$a17
000000342 520__ $$aDespite all attempts to improve software security, vulnerabilities are still propagated within software. A growing body of research is looking into why developers are unable to develop secure software from the beginning. However, despite this attention, research efforts on developer challenges lack a coherent framework. We present a systematization of existing knowledge on the factors that make secure software development challenging for developers. We evaluated 126 papers to develop a framework of challenges that includes 17 areas of challenges in three dimensions of Human, Organizational, and Technological. These areas appear to influence each other directly and indirectly. Our work highlights the interplay of these areas and their consequences for secure software development. We discussed lessons learned from the framework, shed light on its role in assisting practitioners, and proposed directions for future research.
000000342 6531_ $$aSoK
000000342 6531_ $$ausable security
000000342 6531_ $$asoftware developers
000000342 6531_ $$ahuman challenges
000000342 6531_ $$aorganizational challenges
000000342 6531_ $$aTechnological challenges
000000342 6531_ $$aHCI
000000342 700__ $$aKonstantin Beznosov
000000342 8560_ $$fmokhberi@ece.ubc.ca
000000342 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/342/files/eurousec21-16.pdf
000000342 909C4 $$pAzadeh Mokhberi, Konstantin Beznosov. SoK: Human, Organizational, and Technological Dimensions of Developers’ Challenges in Engineering Secure Software. Proceedings of the ACM European Symposium on Usable Security (ACM EuroUSEC'21), 2021
000000342 980__ $$aRefConfPaper