An empirical study of security culture in open source software communities

Shao-Fang Wen, Mazaher Kianpour, Stewart Kowalski
2019 Proceedings of the 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining  
Open source software (OSS) is a core part of virtually all software applications today. Due to the rapidly growing impact of OSS on society and the economy, the security aspect has attracted researchers' attention to investigate this distinctive phenomenon. Traditionally, research on OSS security has often focused on technical aspects of software development. We argue that these aspects are important; however, technical security practice considering different social aspects of OSS development
... assure the effectiveness and efficiency of the implementation of the tool. In this empirical study, we explore the current security culture in the OSS development phenomenon using a survey instrument. By performing a security cultural analysis with six dimensions: attitude, behavior, competency, subjective norms, governance and communication, this paper provides an in-depth insight into its influence on participants' security behaviors and decision-making. Measurements of security culture and the corresponding issues that need to be addressed in OSS communities were defined and discussed.
doi:10.1145/3341161.3343520 dblp:conf/asunam/WenKK19 fatcat:os4tq6js2vfyxei7abvjlf5yta