@inbook{93d02cb5cc49462aa06f3b3fe8d4683f,
title = "Understanding Developer Security Archetypes",
abstract = "As software systems penetrate our everyday lives, security has risen to be a key concern. Despite decades of research leading to new tools and practices for writing secure code, achieving security as a key attribute remains highly challenging. We observe that much of the literature considers developers to be homogeneous and interchangeable. The differing circumstances of developers that might play a role in the writing of secure code have not been clearly defined. In this position paper we introduce the concept of developer security archetypes. Specifically, we suggest two key factors: developers' personal interest in security, and the support that developers receive from their environment. Together, these two dimensions define four archetypes which can be uniquely characterized. By distinguishing developer archetypes, we seek to better understand how developers perceive security-related issues in systems development, as well as how to better support them.",
keywords = "archetype, developer, developer centred security, developer security, software security",
author = "Ita Ryan and Utz Roedig and Stol, \{Klaas Jan\}",
note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 2nd IEEE/ACM International Workshop on Engineering and Cybersecurity of Critical Systems, EnCyCriS 2021 ; Conference date: 03-06-2021 Through 04-06-2021",
year = "2021",
month = jun,
doi = "10.1109/EnCyCriS52570.2021.00013",
language = "English",
series = "Proceedings - 2021 IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems, EnCyCriS 2021",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "37--40",
booktitle = "Proceedings - 2021 IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems, EnCyCriS 2021",
address = "United States",
}