As software-intensive digital systems become an integral part of modern life, ensuring that these systems are developed to satisfy security and privacy requirements is an increasingly important societal concern. Integrating security into software development involves more than learning security principles or applying techniques. Security in practice is shaped through experience. It can be integrated into software development by following a middle path, through which developers draw together formal knowledge and software development techniques. Social interactions facilitate this process. This article recommends four strategies developers can use to maximise security in practice using online communities like Stack Overflow, including approaching security from within specific tasks, critically assessing content in posts, actively participating, and bringing online information into real-world situations.

Date: 2019
Publisher: Open Research Online
Publisher URL: https://doi.org/10.1109/MS.2019.2945300 Full text: http://oro.open.ac.uk/67180/1/08854988.pdf