Write a Blog >>
Tue 10 Nov 2020 08:41 - 08:42 at Virtual room 1 - Security

Secure software development is shaped by experience, integrated into software development practice through a middle path, by which developers use social interactions to draw together formal training and software development techniques. Although there are indications that online environments like Stack Overflow are not robust or accurate sources of security information, they are used by large numbers of developers to solve programming problems. This article provides recommendations for how developers can use interactions in these sites to actively learn about security in four ways, by: tending to security problems over time, fostering security knowledge, exchanging factual information and helping one another. The need to develop software systems that satisfy security and privacy requirements is increasingly important. Informal learning within social interactions is one way professional developers meet the need to write secure software.

Conference Day
Tue 10 Nov

Displayed time zone: (UTC) Coordinated Universal Time change

08:30 - 09:00
08:30
2m
Talk
An Evaluation of Methods to Port Legacy Code to SGX Enclaves
Research Papers
Kripa ShankerIndian Institute of Science, Bangalore, Arun JosephIndian Institute of Science, India, Vinod GanapathyIndian Institute of Science, India
DOI Pre-print File Attached
08:33
1m
Talk
How Does Refactoring Impact Security When Improving Quality? A Security-Aware Refactoring Approach
Journal First
Chaima AbidUniversity of Michigan, Marouane KessentiniUniversity of Michigan, Vahid AlizadehDePaul University, Mouna DhaouadiUniversity of Michigan, Rick KazmanUniversity of Hawai‘i at Mānoa
08:35
1m
Talk
Improving Cybersecurity Hygiene through JIT Patching
Industry Papers
Frederico AraujoIBM T.J. Watson Research Center, New York, USA, Teryl TaylorIBM Research, n.n.
DOI
08:37
1m
Talk
Search-Based Adversarial Testing and Improvement of Constrained Credit Scoring Systems
Research Papers
Salah GhamiziUniversity of Luxembourg, Luxembourg, Maxime CordyUniversity of Luxembourg, Luxembourg, Martin GubriUniversity of Luxembourg, Luxembourg, Mike PapadakisUniversity of Luxembourg, Luxembourg, Andrey BoystovUniversity of Luxembourg, Luxembourg, Yves Le TraonUniversity of Luxembourg, Luxembourg, Anne GoujonBGL BNP Paribas, Luxembourg
DOI Pre-print
08:39
1m
Talk
SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed
Research Papers
Pan BianRenmin University of China, China, Bin LiangRenmin University of China, China, Jianjun HuangRenmin University of China, China, Wenchang ShiRenmin University of China, China, Xidong WangRenmin University of China, China, Jian ZhangInstitute of Software at Chinese Academy of Sciences, China
DOI
08:41
1m
Talk
Taking the Middle Path: Learning About Security Through Online Social Interaction
Journal First
Tamara LopezThe Open University, Thein Tun, Arosha K BandaraThe Open University, Mark LevineLancaster University, Bashar NuseibehThe Open University (UK) & Lero (Ireland), Helen SharpThe Open University
08:43
17m
Talk
Conversations on Security
Research Papers
Frederico AraujoIBM T.J. Watson Research Center, New York, USA, Kripa ShankerIndian Institute of Science, Bangalore, Pan BianRenmin University of China, China, Salah GhamiziSntT - University of Luxembourg, Tamara LopezThe Open University, Chaima AbidUniversity of Michigan, M: Ben HermannTechnical University Dortmund