Open source software (OSS) is a core part of virtually all software applications today. Due to the rapidly growing impact of OSS on society and the economy, the security aspect has attracted researchers' attention to investigate this distinctive phenomenon. Traditionally, research on OSS security has often focus on technical aspects of software development. We argue that these aspects are important, however, technical security practice considering different social aspects of OSS development

more »

... assure the effectiveness and efficiency of the implementation of the tool. In this empirical study, we explore the current security culture in the OSS development phenomenon using a survey instrument. By performing a security cultural analysis with six dimensions: attitude, behavior, competency, subjective norms, governance and communication, this paper provides an in-depth insight into its influence on participants' security behaviors and decision-making. Measurements of security culture and the corresponding issues that need to be addressed in OSS communities were defined and discussed.