Reflections on Training Next-Gen Industry Workforce on Secure Software Development

被引：1

作者：

Gasiba, Tiago Espinha ^{[1
]}

Iosif, Andrei-Cristian ^{[1
]}

Suppan, Santiago ^{[1
]}

Lechner, Ulrike ^{[2
]}

Pinto-Albuquerque, Maria ^{[3
]}

机构：

[1] Siemens AG, Munich, Germany

[2] Univ Bundeswehr Munchen, Munich, Germany

[3] Inst Univ Lisboa ISCTE IUL, ISTAR, Lisbon, Portugal

来源：

PROCEEDINGS OF THE 5TH EUROPEAN CONFERENCE ON SOFTWARE ENGINEERING EDUCATION, ECSEE 2023 | 2023年

关键词：

secure programming; industry; security awareness; cybersecurity; education; cybersecurity challenges; serious games; undergraduate education;

D O I：

10.1145/3593663.3593665

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

The increasing number of security incidents highlights the growing importance of cybersecurity, particularly in industrial environments. Education and awareness of secure coding practices are fundamental to secure products and services. In this paper, we explore the potential of CyberSecurity Challenges (CSCs), a serious game that is designed to raise awareness of industrial software developers about secure coding, to train the next generation of professionals in undergraduate programs. Our work details how to tailor the game to the training environment and assesses its effectiveness through an experiment undertaken with 16 trainees. The findings of our work reveal that the CSC game can contribute to raising awareness of secure coding practices among next-generation trainees, and highlights the potential that the game has when used in an academic setting.

引用

页码：1 / 10

页数：10

共 23 条

[1] Experiences in Introducing Blended Learning in an Introductory Programming Course [J].

Albrecht, Ella ;

Gumz, Fabian ;

Grabowski, Jens .

PROCEEDINGS OF THE 3RD EUROPEAN CONFERENCE OF SOFTWARE ENGINEERING EDUCATION (ECSEE), 2018, :93-101

[2] When Interactive Graphic Storytelling Fails [J].

Barela, James ;

Gasiba, Tiago ;

Suppan, Santiago Reinhard ;

Berges, Marc ;

Beckers, Kristian .

2019 IEEE 27TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW 2019), 2019, :164-169

[3]

Bundesamt fur Sicherheit in der Informationstechnik, 2023, Warnstufe Rot: Schwachstelle Log4Shell fuhrt zu extrem kritischer Bedrohungslage

[4]

Bundesverfassungsgericht, 2016, BUND UMW NAT BAU REA, P1

[5]

Department of Homeland Security US-CERT, 2020, Software Assurance

[6]

Dewes T., 2022, 3 INT COMP PROGR ED, V3, P1, DOI [10.4230/OASIcs.ICPEC.2022.3, DOI 10.4230/OASICS.ICPEC.2022.3]

[7]

Dorner Ralf., 2016, Entertainment Computing and Serious Games: International GI-Dagstuhl Seminar 15283, Dagstuhl Castle, Germany, July 5-10, 2015, Revised Selected Papers

[8]

Gasiba T., 2021, Ph.D. Thesis

[9] Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach [J].

Gasiba, Tiago Espinha ;

Lechner, Ulrike ;

Pinto-Albuquerque, Maria .

CYBERSECURITY, 2020, 3 (01)

[10]

Gensheimer Matthias, 2020, P 4 EUR C SOFTW ENG, P1

← 1 2 3 →