6533b837fe1ef96bd12a1e3b

RESEARCH PRODUCT

Towards a Security Competence of Software Developers

Nana Assyne

subject

021110 strategic defence & security studiesohjelmistokehittäjätKnowledge managementbusiness.industryComputer scienceohjelmistotuotanto0211 other engineering and technologies020207 software engineering02 engineering and technologySoftwarekompetenssi0202 electrical engineering electronic engineering information engineeringammattitaitotietoturvaohjelmistokehitysbusinessCompetence (human resources)

description

Software growth has been explosive as people depend heavily on software on daily basis. Software development is a human-intensive effort, and developers' competence in software security is essential for secure software development. In addition, ubiquitous computing provides an added complexity to software security. Studies have treated security competences of software developers as a subsidiary of security engineers' competence instead of software engineers' competence, limiting the full knowledge of the security competences of software developers. This presents a crucial challenge for developers, educators, and users to maintain developers' competences in security. As a first step in pushing for the developers' security competence studies, this chapter utilises a literature review to identify the security competences of software developers. Thirteen security competences of software developers were identified and mapped to the common body of knowledge for information security professional framework. Lastly, the implications for, with, and without the competences are analysed and presented.

yearjournalcountryeditionlanguage
2020-01-01
https://doi.org/10.4018/978-1-6684-3702-5.ch098