TY - CHAP
T1 - Security Thinking in Online Freelance Software Development
AU - Rauf, Irum
AU - Petre, Marian
AU - Tun, Thein
AU - Lopez, Tamara
AU - Nuseibeh, Bashar
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023/9/20
Y1 - 2023/9/20
N2 - Online freelance software development (OFSD) is a significant part of the software industry and is a thriving online economy; a recent survey by Stack Overflow reported that nearly 15% of developers are independent contractors, freelancers, or self-employed. Although security is an important quality requirement for the social sustainability of software, existing studies have shown differences in the way security issues are handled by developers working in OFSD compared to those working in organisational environments. This paper investigates the security culture of OFSD developers, and identifies significant themes in how security is conceived, practiced, and compensated. Based on in-depth interviews with 20 freelance (FL) developers, we report that (a) security thinking is evident in descriptions of their work, (b) security thinking manifests in different ways within OFSD practice, and (c) the dynamics of the freelance development ecosystem influence financial investment in secure development. Our findings help to understand the reasons why insecure software development is evident in freelance development, and they contribute toward developing security interventions that are tailored to the needs of freelance software developers.General Summary- Online freelance software development (OFSD) is a significant part of the software industry and is a thriving online economy. Although security is an important quality requirement for the social sustainability of software, existing studies have shown differences in the way security issues are handled by developers working in OFSD compared to those working in organisational environments. Based on in-depth interviews with 20 freelance developers, this paper investigates the security culture of OFSD developers, and identifies significant themes in how security is conceived, practiced, and compensated.
AB - Online freelance software development (OFSD) is a significant part of the software industry and is a thriving online economy; a recent survey by Stack Overflow reported that nearly 15% of developers are independent contractors, freelancers, or self-employed. Although security is an important quality requirement for the social sustainability of software, existing studies have shown differences in the way security issues are handled by developers working in OFSD compared to those working in organisational environments. This paper investigates the security culture of OFSD developers, and identifies significant themes in how security is conceived, practiced, and compensated. Based on in-depth interviews with 20 freelance (FL) developers, we report that (a) security thinking is evident in descriptions of their work, (b) security thinking manifests in different ways within OFSD practice, and (c) the dynamics of the freelance development ecosystem influence financial investment in secure development. Our findings help to understand the reasons why insecure software development is evident in freelance development, and they contribute toward developing security interventions that are tailored to the needs of freelance software developers.General Summary- Online freelance software development (OFSD) is a significant part of the software industry and is a thriving online economy. Although security is an important quality requirement for the social sustainability of software, existing studies have shown differences in the way security issues are handled by developers working in OFSD compared to those working in organisational environments. Based on in-depth interviews with 20 freelance developers, this paper investigates the security culture of OFSD developers, and identifies significant themes in how security is conceived, practiced, and compensated.
KW - developer
KW - freelance software development
KW - payment for security
KW - security
KW - societal challenges of secure software development
KW - software development in society
UR - https://www.scopus.com/pages/publications/85165925573
U2 - 10.1109/ICSE-SEIS58686.2023.00008
DO - 10.1109/ICSE-SEIS58686.2023.00008
M3 - Chapter
AN - SCOPUS:85165925573
T3 - Proceedings - International Conference on Software Engineering
SP - 13
EP - 24
BT - Proceedings - 2023 IEEE/ACM 45th International Conference on Software Engineering
PB - IEEE Computer Society
T2 - 45th IEEE/ACM International Conference on Software Engineering: Software Engineering in Society, ICSE-SEIS 2023
Y2 - 17 May 2023 through 19 May 2023
ER -