Ciência_Iscte Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Iosif, A., Lechner, U., Pinto-Albuquerque, M. & Gasiba, T. (2024). Serious game for industrial cybersecurity: Experiential learning through code review. In A. Bollin, I. Bosnic, J. Brings, M.  Daun, M.  Manjunath (Ed.), Software Engineering Education Conference, Proceedings. Würzburg, Germany: IEEE.

Exportar Referência (IEEE)

I. Andrei-Cristian et al.,  "Serious game for industrial cybersecurity: Experiential learning through code review", in Software Engineering Education Conf., Proc., A. Bollin, I. Bosnic, J. Brings, M.  Daun, M.  Manjunath, Ed., Würzburg, Germany, IEEE, 2024

Exportar BibTeX

@inproceedings{andrei-cristian2024_1782721489237,
	author = "Iosif, A. and Lechner, U. and Pinto-Albuquerque, M. and Gasiba, T.",
	title = "Serious game for industrial cybersecurity: Experiential learning through code review",
	booktitle = "Software Engineering Education Conference, Proceedings",
	year = "2024",
	editor = "A. Bollin, I. Bosnic, J. Brings, M.  Daun, M.  Manjunath",
	volume = "",
	number = "",
	series = "",
	doi = "10.1109/CSEET62301.2024.10663058",
	publisher = "IEEE",
	address = "Würzburg, Germany",
	organization = "",
	url = "https://ieeexplore.ieee.org/document/10663058"
}

Exportar RIS

TY - CPAPER
TI - Serious game for industrial cybersecurity: Experiential learning through code review
T2 - Software Engineering Education Conference, Proceedings
AU - Iosif, A.
AU - Lechner, U.
AU - Pinto-Albuquerque, M.
AU - Gasiba, T.
PY - 2024
SN - 1093-0175
DO - 10.1109/CSEET62301.2024.10663058
CY - Würzburg, Germany
UR - https://ieeexplore.ieee.org/document/10663058
AB - Every stage of the industrial software development process is crucial for ensuring high-quality results in a time of increasing digitalization and complexity. Code review is a method to enhance software quality and also promote knowledge exchange among teams. It is generally accepted that the earlier that software bugs and vulnerabilities are caught during product development, the more costs can be saved. As such, code review can play an important role in industrial software development. However, industry experience showcases that code review can be resource-intensive, and the direct impact on code quality can be hard to quantify. Related work shows that practitioners performing code reviews do not focus specifically on security, partly due to a gap in awareness of the topic. Our research focuses on improving the efficiency and effectiveness of code review practices, particularly in identifying and addressing security issues in an industrial context. The present work showcases results from using a serious game as a means to empower developers, by exhibiting code review best practices and raising awareness of security concerns. We collect results over a series of 11 experiments conducted in an industrial setting together with a total of 175 industrial practitioners, serving as a pilot stage, based on which we discuss and conclude on important aspects of the design of the game.
ER -