Please use this identifier to cite or link to this item:
http://hdl.handle.net/10071/27230Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Gasiba, T. E. | - |
| dc.contributor.author | Hodzic, S. | - |
| dc.contributor.author | Lechner, U. | - |
| dc.contributor.author | Pinto-Albuquerque, M. | - |
| dc.date.accessioned | 2023-01-14T23:05:27Z | - |
| dc.date.available | 2023-01-14T23:05:27Z | - |
| dc.date.issued | 2021 | - |
| dc.identifier.citation | Gasiba, T. E., Hodzic, S., Lechner, U., & Pinto-Albuquerque, M. (2021). Raising security awareness using cybersecurity challenges in embedded programming courses. 2021 International Conference on Code Quality (ICCQ) (pp. 79-92). IEEE. https://dx.doi.org/10.1109/ICCQ51190.2021.9392965 | - |
| dc.identifier.isbn | 978-1-7281-8476-0 | - |
| dc.identifier.uri | http://hdl.handle.net/10071/27230 | - |
| dc.description.abstract | Security bugs are errors in code that, when exploited, can lead to serious software vulnerabilities. These bugs could allow an attacker to take over an application and steal information. One of the ways to address this issue is by means of awareness training. The Sifu platform was developed in the industry, for the industry, with the aim to raise software developers' awareness of secure coding. This paper extends the Sifu platform with three challenges that specifically address embedded programming courses, and describes how to implement these challenges, while also evaluating the usefulness of these challenges to raise security awareness in an academic setting. Our work presents technical details on the detection mechanisms for software vulnerabilities and gives practical advice on how to implement them. The evaluation of the challenges is performed through two trial runs with a total of 16 participants. Our preliminary results show that the challenges are suitable for academia, and can even potentially be included in official teaching curricula. One major finding is an indicator of the lack of awareness of secure coding by undergraduates. Finally, we compare our results with previous work done in the industry and extract advice for practitioners. | eng |
| dc.language.iso | eng | - |
| dc.publisher | IEEE | - |
| dc.relation | info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/UIDB%2F04466%2F2020/PT | - |
| dc.relation | info:eu-repo/grantAgreement/FCT/6817 - DCRRNI ID/UIDP%2F04466%2F2020/PT | - |
| dc.relation.ispartof | 2021 International Conference on Code Quality (ICCQ) | - |
| dc.rights | openAccess | - |
| dc.subject | Secure coding | eng |
| dc.subject | Software quality | eng |
| dc.subject | Embedded programming | eng |
| dc.subject | Training | eng |
| dc.subject | Cybersecurity challenge | eng |
| dc.subject | Education | eng |
| dc.subject | Security bug | eng |
| dc.title | Raising security awareness using cybersecurity challenges in embedded programming courses | eng |
| dc.type | conferenceObject | - |
| dc.event.title | 1st International Conference on Code Quality, ICCQ 2021 | - |
| dc.event.type | Conferência | pt |
| dc.event.location | Moscow | eng |
| dc.event.date | 2021 | - |
| dc.pagination | 79 - 92 | - |
| dc.peerreviewed | yes | - |
| dc.date.updated | 2023-01-14T23:04:23Z | - |
| dc.description.version | info:eu-repo/semantics/acceptedVersion | - |
| dc.identifier.doi | 10.1109/ICCQ51190.2021.9392965 | - |
| iscte.identifier.ciencia | https://ciencia.iscte-iul.pt/id/ci-pub-82963 | - |
| iscte.alternateIdentifiers.scopus | 2-s2.0-85104649958 | - |
| Appears in Collections: | ISTAR-CRI - Comunicações a conferências internacionais | |
Files in This Item:
| File | Size | Format | |
|---|---|---|---|
| conferenceObject_82963.pdf | 1,24 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.