Title :
Why do programmers make security errors?
Author :
Xie, Jing ; Lipford, Heather Richter ; Chu, Bill
Author_Institution :
Dept. of Software & Inf. Syst., Univ. of North Carolina at Charlotte, Charlotte, NC, USA
Abstract :
A large number of software security vulnerabilities are caused by software errors that are committed by software developers. We believe that interactive tool support will play an important role in aiding software developers to develop more secure software. However, an in-depth understanding of how and why software developers produce security bugs is needed to design such tools. We conducted a semi-structured interview study on 15 professional software developers to understand their perceptions and behaviors related to software security. Our results reveal a disconnect between developers´ conceptual understanding of security and their attitudes regarding their personal responsibility and practices for software security.
Keywords :
security of data; software tools; interactive tool support; programmers; security bugs; security errors; software developers; software errors; software security vulnerabilities; Computer bugs; Context; Interviews; Programming profession; Security; Software;
Conference_Titel :
Visual Languages and Human-Centric Computing (VL/HCC), 2011 IEEE Symposium on
Conference_Location :
Pittsburgh, PA
Print_ISBN :
978-1-4577-1246-3
DOI :
10.1109/VLHCC.2011.6070393
