Guidelines for Supporting Software Engineers in Developing Secure Web Applications (PROFES 2024 - Research Papers)

Who

Klara Svensson, Drake Axelrod, Mazen Mohamad, Rebekka Wohlrab

Track

PROFES 2024 Research Papers

This program is tentative and subject to change.

Time Zone

The program is currently displayed in (GMT+02:00) Athens.

Use conference time zone: (GMT+02:00) AthensSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 4 Dec 2024 11:18 - 11:36 at UT Library - Room 3 - PROFES Session 8: Security, Compliance and Regulatory Compliance

Abstract

As software applications get increasingly connected and complex, cybersecurity becomes more and more important to consider during development and evaluation. Software engineers need to be aware of various security threats and the countermeasures that can be taken to mitigate them. Currently, there is a lack of guidance for software engineers aiming to develop secure web applications. We conducted a design science research study, resulting in a set of guidelines to aid software engineers in developing secure web applications. The set of guidelines was constructed based on interview data with 10 industry practitioners. These guidelines were then evaluated using a survey with 28 respondents. Our results indicate that these proposed guidelines can be applied by software engineers to support the development and assessment of secure web applications in different stages of the software development lifecycle.

Klara Svensson

Chalmers | University of Gothenburg

Sweden

Drake Axelrod

Chalmers | University of Gothenburg

Sweden

Mazen Mohamad

Chalmers | RISE - Research Institutes of Sweden

Rebekka Wohlrab

Chalmers University of Technology

Sweden

This program is tentative and subject to change.

Time Zone

The program is currently displayed in (GMT+02:00) Athens.

Use conference time zone: (GMT+02:00) AthensSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Wed 4 Dec
Displayed time zone: Athens change

11:00 - 12:30	PROFES Session 8: Security, Compliance and Regulatory ComplianceResearch Papers / Short Papers and Posters at UT Library - Room 3

11:00 18m Research paper		An Approach to Cognitive Root Cause Analysis of Software Vulnerabilities Research Papers Theo Hytopoulos Western Washington University, Marvin Chan Western Washington University, Keegan Roth Western Washington University, Rylon Wasson Western Washington University, Fuqun Huang Western Washington University
11:18 18m Research paper		Guidelines for Supporting Software Engineers in Developing Secure Web Applications Research Papers Klara Svensson Chalmers \| University of Gothenburg, Drake Axelrod Chalmers \| University of Gothenburg, Mazen Mohamad Chalmers \| RISE - Research Institutes of Sweden, Rebekka Wohlrab Chalmers University of Technology
11:36 12m Short-paper		Towards Generating Compliance Action Plans: A Discussion of Needs and Opportunities Short Papers and Posters Julio Guzman Reutlingen University, Heiko Doerr UL Method Park GmbH, Thomas Brenner OHB System AG, Rainer Gerlich Dr. Rainer Gerlich System and Software Engineering, Jürgen Münch Reutlingen University, Marco Kuhrmann Reutlingen University
11:48 18m Research paper		Regulatory Requirements Engineering in Large Enterprises: An Interview Study on the European Accessibility Act Research Papers Oleksandr Kosenkov fortiss GmbH, Michael Unterkalmsteiner Blekinge Institute of Technology, Daniel Mendez Blekinge Institute of Technology and fortiss, Jannik Fischbach Netlight Consulting GmbH and fortiss GmbH
12:06 24m Talk		Session 8 Discussion Research Papers