Ciência-IUL Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Gasiba, T. E., Hodzic, S., Lechner, U. & Pinto-Albuquerque, M. (2021). Raising security awareness using cybersecurity challenges in embedded programming courses. In 2021 International Conference on Code Quality (ICCQ). (pp. 79-92). Moscow: IEEE.

Exportar Referência (IEEE)

T. E. Gasiba et al.,  "Raising security awareness using cybersecurity challenges in embedded programming courses", in 2021 Int. Conf. on Code Quality (ICCQ), Moscow, IEEE, 2021, pp. 79-92

Exportar BibTeX

@inproceedings{gasiba2021_1715096735915,
	author = "Gasiba, T. E. and Hodzic, S. and Lechner, U. and Pinto-Albuquerque, M.",
	title = "Raising security awareness using cybersecurity challenges in embedded programming courses",
	booktitle = "2021 International Conference on Code Quality (ICCQ)",
	year = "2021",
	editor = "",
	volume = "",
	number = "",
	series = "",
	doi = "10.1109/ICCQ51190.2021.9392965",
	pages = "79-92",
	publisher = "IEEE",
	address = "Moscow",
	organization = "",
	url = "https://ieeexplore.ieee.org/xpl/conhome/9392909/proceeding"
}

Exportar RIS

TY - CPAPER
TI - Raising security awareness using cybersecurity challenges in embedded programming courses
T2 - 2021 International Conference on Code Quality (ICCQ)
AU - Gasiba, T. E.
AU - Hodzic, S.
AU - Lechner, U.
AU - Pinto-Albuquerque, M.
PY - 2021
SP - 79-92
DO - 10.1109/ICCQ51190.2021.9392965
CY - Moscow
UR - https://ieeexplore.ieee.org/xpl/conhome/9392909/proceeding
AB - Security bugs are errors in code that, when exploited, can lead to serious software vulnerabilities. These bugs could allow an attacker to take over an application and steal information. One of the ways to address this issue is by means of awareness training. The Sifu platform was developed in the industry, for the industry, with the aim to raise software developers' awareness of secure coding. This paper extends the Sifu platform with three challenges that specifically address embedded programming courses, and describes how to implement these challenges, while also evaluating the usefulness of these challenges to raise security awareness in an academic setting. Our work presents technical details on the detection mechanisms for software vulnerabilities and gives practical advice on how to implement them. The evaluation of the challenges is performed through two trial runs with a total of 16 participants. Our preliminary results show that the challenges are suitable for academia, and can even potentially be included in official teaching curricula. One major finding is an indicator of the lack of awareness of secure coding by undergraduates. Finally, we compare our results with previous work done in the industry and extract advice for practitioners.
ER -