Education Sciences (Jun 2023)
Context-Based Support to Enhance Developers’ Learning of Software Security
Abstract
Software security is an ongoing problem, largely due to a lack of security knowledge among software developers from diverse backgrounds. To counter this, security experts are attempting to offer a broad range of knowledge resources to enlighten developers about increasing cybersecurity threats. Unfortunately, the abundance of knowledge resources does not seem to have much of an impact on reducing the issue of software security. The ineffective teaching and learning approaches for software security have created difficulties for developers in learning security knowledge. This research employs a four-cycle of Design Science Research Methodology (DSRM) to integrate necessary elements in the development of a context-based learning system for security education and learning. The final artifact is an ontology-based web application that facilitates a contextualized learning process by providing security knowledge through contextual software cases. Through evaluation in pedagogical and software development environments, it is proven to contribute a viable solution to the problem domain. While these results are positive, the innovative context-based artifact benefits not only the domain of software engineering but also other educational fields, such as information security and computer security.
Keywords
