TU Darmstadt / ULB / TUbiblio

Increasing Software Security by Using Mental Models

Märki, Heike ; Maas, Miriam ; Kauer, Michaela ; Oberle, Marius (2016)
Increasing Software Security by Using Mental Models.
In: Advances in Human Factors in Cybersecurity
Buchkapitel, Bibliographie

Kurzbeschreibung (Abstract)

Cybercrime is a global problem and the economic damages are enormous [1]. Identifying reasons for software vulnerabilities is an important issue with some researchers assuming software developers to be part of the problem. As most developers aren’t security experts they create insecure and thus vulnerable software. To avoid this, a tool that supports software developers in dealing with security issues should be developed. This work uses the structure formation technique [2] as a first step to develop the mental models of software developers when dealing with security measures. A core definition of mental models is compiled and the results of a pilot study deliver valuable information for the supporting tool. In further research the developed mental models of novices’ (software developers) should be compared with the mental models of security experts. On this basis the reliability of the novices’ mental models can be reviewed and occurring problems identified.

Typ des Eintrags: Buchkapitel
Erschienen: 2016
Autor(en): Märki, Heike ; Maas, Miriam ; Kauer, Michaela ; Oberle, Marius
Art des Eintrags: Bibliographie
Titel: Increasing Software Security by Using Mental Models
Sprache: Englisch
Publikationsjahr: 26 September 2016
Buchtitel: Advances in Human Factors in Cybersecurity
Veranstaltungstitel: Proceedings of the 7th International Conference on Applied Human Factors and Ergonomics AHFE
Veranstaltungsort: Florida
Veranstaltungsdatum: 27.-31. July 2016
Kurzbeschreibung (Abstract):

Cybercrime is a global problem and the economic damages are enormous [1]. Identifying reasons for software vulnerabilities is an important issue with some researchers assuming software developers to be part of the problem. As most developers aren’t security experts they create insecure and thus vulnerable software. To avoid this, a tool that supports software developers in dealing with security issues should be developed. This work uses the structure formation technique [2] as a first step to develop the mental models of software developers when dealing with security measures. A core definition of mental models is compiled and the results of a pilot study deliver valuable information for the supporting tool. In further research the developed mental models of novices’ (software developers) should be compared with the mental models of security experts. On this basis the reliability of the novices’ mental models can be reviewed and occurring problems identified.

Freie Schlagworte: Mental models · Software Developers · Software Security · Structure Formation Technique · Supporting Tool ·
Fachbereich(e)/-gebiet(e): 16 Fachbereich Maschinenbau
16 Fachbereich Maschinenbau > Institut für Arbeitswissenschaft (IAD)
Hinterlegungsdatum: 26 Sep 2016 12:13
Letzte Änderung: 14 Nov 2016 09:26
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen