License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/OASIcs.ICPEC.2021.10
URN: urn:nbn:de:0030-drops-142269
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2021/14226/
Go to the corresponding OASIcs Volume Portal

Casqueiro, Luís Afonso ; Gasiba, Tiago Espinha ; Pinto-Albuquerque, Maria ; Lechner, Ulrike

Automated Java Challenges' Security Assessment for Training in Industry - Preliminary Results

pdf-format:
OASIcs-ICPEC-2021-10.pdf (1.0 MB)

Abstract

Secure software development is a crucial topic that companies need to address to develop high-quality software. However, it has been shown that software developers lack secure coding awareness. In this work, we use a serious game approach that presents players with Java challenges to raise Java programmers' secure coding awareness. Towards this, we adapted an existing platform, embedded in a serious game, to assess Java secure coding exercises and performed an empirical study. Our preliminary results provide a positive indication of our solution’s viability as a means of secure software development training. Our contribution can be used by practitioners and researchers alike through an overview on the implementation of automatic security assessment of Java CyberSecurity Challenges and their evaluation in an industrial context.

BibTeX - Entry

@InProceedings{casqueiro_et_al:OASIcs.ICPEC.2021.10,
  author =	{Casqueiro, Lu{\'\i}s Afonso and Gasiba, Tiago Espinha and Pinto-Albuquerque, Maria and Lechner, Ulrike},
  title =	{{Automated Java Challenges' Security Assessment for Training in Industry - Preliminary Results}},
  booktitle =	{Second International Computer Programming Education Conference (ICPEC 2021)},
  pages =	{10:1--10:11},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-95977-194-8},
  ISSN =	{2190-6807},
  year =	{2021},
  volume =	{91},
  editor =	{Henriques, Pedro Rangel and Portela, Filipe and Queir\'{o}s, Ricardo and Sim\~{o}es, Alberto},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2021/14226},
  URN =		{urn:nbn:de:0030-drops-142269},
  doi =		{10.4230/OASIcs.ICPEC.2021.10},
  annote =	{Keywords: Education, Teaching, Training, Awareness, Secure Coding, Industry, Programming, Cybersecurity, Capture-the-Flag, Intelligent Coach}
}

Keywords: Education, Teaching, Training, Awareness, Secure Coding, Industry, Programming, Cybersecurity, Capture-the-Flag, Intelligent Coach
Collection: Second International Computer Programming Education Conference (ICPEC 2021)
Issue Date: 2021
Date of publication: 01.07.2021

DROPS-Home | Fulltext Search | Imprint | Privacy Published by LZI