Publication in conference proceedings
Cybersecurity games for secure programming education in the industry: gameplay analysis
Tiago Espinha Gasiba (Gasiba, Tiago); Ulrike Lechner (Lechner, Ulrike); Filip Rezabek (Rezabek, Filip); Maria Pinto-Albuquerque (Pinto-Albuquerque, M.);
First International Computer Programming Education Conference (ICPEC 2020) OASIcs, Volume 81
Year (definitive publication)
2020
Language
English
Country
Germany
More Information
Web of Science®

This publication is not indexed in Web of Science®

Scopus

Times Cited: 7

(Last checked: 2024-11-20 23:16)

View record in Scopus


: 13.2
Google Scholar

Times Cited: 17

(Last checked: 2024-11-17 15:54)

View record in Google Scholar

Abstract
To minimize the possibility of introducing vulnerabilities in source code, software developers may attend security awareness and secure coding training. From the various approaches of how to raise awareness and adherence to coding standards, one promising novel approach is Cybersecurity Challenges. However, in an industrial setting, time is a precious resource, and, therefore, one needs to understand how to optimize the gaming experience of Cybersecurity Challenges and the effect of this game on secure coding skills. This work identifies the time spent solving challenges of different categories, analyzes gaming strategies in terms of a slow and fast team profile, and relates these profiles to the game success. First results indicate that the slow strategy is more successful than the fast approach. The authors also analyze the possible implications in the design and the training of secure coding in an industrial setting by means of Cybersecurity Challenges. This work concludes with a brief overview of its limitations and next steps in the study.
Acknowledgements
We would like to thank the anonymous reviewers for the valuable comments and careful reviews. We would also like to thank all game participants as well as our colleagues Jorge Cuellar, Holger Dreger and Thomas Diefenbach for many fruitful discussions.
Keywords
education,training,secure coding,industry,cybersecurity,capture-the-flag,game analysis,cybersecurity challenge
  • Computer and Information Sciences - Natural Sciences
  • Electrical Engineering, Electronic Engineering, Information Engineering - Engineering and Technology
Awards
Best Paper Award

With the objective to increase the research activity directed towards the achievement of the United Nations 2030 Sustainable Development Goals, the possibility of associating scientific publications with the Sustainable Development Goals is now available in Ciência-IUL. These are the Sustainable Development Goals identified by the author(s) for this publication. For more detailed information on the Sustainable Development Goals, click here.