Abstract
Open source software (OSS) security has been the focus of the security community and practitioners over the past decades. However, the number of new vulnerabilities keeps increasing in today’s OSS systems. With today’s increasingly important and complex OSS, lacking software security knowledge to handle security vulnerabilities in OSS development will result in more breaches that are serious in the future. Learning software security is a difficult and challenging task since the domain is quite context specific and the real project situation is necessary to apply the security concepts within the specific system. Many OSS proponents believe that the OSS community offers significant learning opportunities from its best practices. However, studies that specifically explore security knowledge sharing and learning in OSS communities are scarce. This research is intended to fill this gap by empirically investigating factors that affect knowledge sharing and learning about software security and the relationship among them. A conceptual model is proposed that helps to conceptualize the linkage between socio-technical practices and software security learning processes in OSS communities. A questionnaire and statistical analytical techniques were employed to test hypothesized relationships in the model to gain a better understanding of this research topic.
Subject
Computer Networks and Communications,Human-Computer Interaction
Reference101 articles.
1. Future of Open Source Survey, Electronic Documenthttps://www.slideshare.net/blackducksoftware/2016-future-of-open-source-survey-results
2. Open Source Security and Risk Analysishttps://www.blackducksoftware.com/open-source-security-risk-analysis-2017
3. Open-Source Software Development and Distributed Innovation
4. Learning and Knowledge-building in Open-source Communities
5. Understanding Free/Open Source Software Development Processes
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献