Write a Blog >>
Tue 10 Nov 2020 08:41 - 08:42 at Virtual room 1 - Security

Secure software development is shaped by experience, integrated into software development practice through a middle path, by which developers use social interactions to draw together formal training and software development techniques. Although there are indications that online environments like Stack Overflow are not robust or accurate sources of security information, they are used by large numbers of developers to solve programming problems. This article provides recommendations for how developers can use interactions in these sites to actively learn about security in four ways, by: tending to security problems over time, fostering security knowledge, exchanging factual information and helping one another. The need to develop software systems that satisfy security and privacy requirements is increasingly important. Informal learning within social interactions is one way professional developers meet the need to write secure software.

Tue 10 Nov

Displayed time zone: (UTC) Coordinated Universal Time change

08:30 - 09:00
08:30
2m
Talk
An Evaluation of Methods to Port Legacy Code to SGX Enclaves
Research Papers
Kripa Shanker Indian Institute of Science, Bangalore, Arun Joseph Indian Institute of Science, India, Vinod Ganapathy Indian Institute of Science, India
DOI Pre-print File Attached
08:33
1m
Talk
How Does Refactoring Impact Security When Improving Quality? A Security-Aware Refactoring Approach
Journal First
Chaima Abid University of Michigan, Marouane Kessentini University of Michigan, Vahid Alizadeh DePaul University, Mouna Dhaouadi University of Michigan, Rick Kazman University of Hawai‘i at Mānoa
08:35
1m
Talk
Improving Cybersecurity Hygiene through JIT Patching
Industry Papers
Frederico Araujo IBM T.J. Watson Research Center, New York, USA, Teryl Taylor IBM Research, n.n.
DOI
08:37
1m
Talk
Search-Based Adversarial Testing and Improvement of Constrained Credit Scoring Systems
Research Papers
Salah Ghamizi University of Luxembourg, Luxembourg, Maxime Cordy University of Luxembourg, Luxembourg, Martin Gubri University of Luxembourg, Luxembourg, Mike Papadakis University of Luxembourg, Luxembourg, Andrey Boystov University of Luxembourg, Luxembourg, Yves Le Traon University of Luxembourg, Luxembourg, Anne Goujon BGL BNP Paribas, Luxembourg
DOI Pre-print
08:39
1m
Talk
SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed
Research Papers
Pan Bian Renmin University of China, China, Bin Liang Renmin University of China, China, Jianjun Huang Renmin University of China, China, Wenchang Shi Renmin University of China, China, Xidong Wang Renmin University of China, China, Jian Zhang Institute of Software at Chinese Academy of Sciences, China
DOI
08:41
1m
Talk
Taking the Middle Path: Learning About Security Through Online Social Interaction
Journal First
Tamara Lopez The Open University, Thein Tun , Arosha K Bandara The Open University, Mark Levine Lancaster University, Bashar Nuseibeh The Open University (UK) & Lero (Ireland), Helen Sharp The Open University
08:43
17m
Talk
Conversations on Security
Research Papers
Frederico Araujo IBM T.J. Watson Research Center, New York, USA, Kripa Shanker Indian Institute of Science, Bangalore, Pan Bian Renmin University of China, China, Salah Ghamizi SntT - University of Luxembourg, Tamara Lopez The Open University, Chaima Abid University of Michigan, M: Ben Hermann Technical University Dortmund