We will be presenting more insights on developers' challenges and approaches during secure software development at the 43rd International Conference on Software Engineering. Read the paper already here: "Do this! Do that!, And Nothing will happen": Do specifications lead to securely stored passwords?
Our study on: "The impact of surface features on choice of(in)secure answers by Stackoverflow readers" has been accepted to appear in IEEE Transactions on Software Engineering.
We will be presenting our work on app developers' (lack of) security rationales at ICSE 2020 this year, read it here already: Schrödinger's Security: Opening the Box on App Developers' Security Rationale.
We will also present a related paper at the CHASE workshop while at ICSE, on The impact of social considerations on app developers’ choices.
The Johnny project is participating in an initiative to provide a new form of pedagogy to teach programming concepts. This will be further extended towards teaching teaching secure coding practices. Read our paper here: Teaching the Art of Computer Programming at a Distance by Generating Dialogues using Deep Neural Networks (2019) (http://oro.open.ac.uk/62778/)
Read some of the Johnny work published in 2019 on:
Metrics for developer privacy attitude: Data, data, everywhere: quantifying software developers' privacy attitudes.
Crypto API usability: Usability Smells: An Analysis of Developers’ Struggle With Crypto Libraries.
Using crypto APIs securely: Safe Cryptography for All: Towards Visual Metaphor Driven Cryptography Building Blocks.
The Johnny project was introduced at an Institute of Coding’s Cyber security workshop on 28th Feb, 2019 held at The Open University. Many SMEs and the wider community attended.
Marian Petre ran a number of ‘Talking Design’ workshops on expert practices in software design at the Mozilla Foundation: in Mountain View, California, USA in May 2018, and in Toronto, Canada in January 2018.