Abstract
The cyber security context requires to better understand how developers write (in)secure code and to assist them in their software developments. We have developed a secure coding experiment and serious game intervention. In this paper, we report on the design of a serious game to investigate developer-centred security. We used a combination of approaches to shape discussions and support the serious game co-creation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Acar, Y., Stransky, C., Wermke, D., Mazurek, M.L., Fahl, S.: Security developer studies with GitHub users: exploring a convenience sample. In: Symposium on Usable Privacy and Security (SOUPS) (2017)
Tioh, J.N., Mina, M., Jacobson, D.W.: Cyber security training a survey of serious games in cyber security. In: IEEE Frontiers in Education Conference (FIE), pp. 1–5 (2017). https://doi.org/10.1109/FIE.2017.8190712
Hendrix, M., Al-Sherbaz, A., Bloom, V.: Game based cyber security training: are serious games suitable for cyber security training? Int. J. Serious Games 3, 53–61 (2016)
Sommestad, T., Hallberg, J.: Cyber security exercises and competitions as a platform for cyber security experiments. In: Jøsang, A., Carlsson, B. (eds.) NordSec 2012. LNCS, vol. 7617, pp. 47–60. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34210-3_4
Frey, S., Rashid, A., Anthonysamy, P., Pinto-Albuquerque, M., Naqvi, S.A.: The good, the bad and the ugly: a study of security decisions in a cyber-physical systems game. IEEE Trans. Softw. Eng. (2018). https://doi.org/10.1109/TSE.2017.2782813
Xie, T., Bishop, J., Tillmann, N., de Halleux, J.: Gamifying software security education and training via secure coding duels in code hunt. In: Symposium and Bootcamp on the Science of Security, pp. 26:1–26:2. ACM (2015). https://doi.org/10.1145/2746194.2746220
Ruef, A., Hicks, M., Parker, J., Levin, D., Mazurek, M.L., Mardziel, P.: Build it, break it, fix it: contesting secure development. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 690–703 (2016). https://doi.org/10.1145/2976749.2978382
Rojas, J.M., White, T.D., Clegg, B.S., Fraser, G.: Code defenders: crowdsourcing effective tests and subtle mutants with a mutation testing game. In: International Conference on Software Engineering, pp. 677–688. IEEE (2017). https://doi.org/10.1109/ICSE.2017.68
Rojas, J.M., Fraser, G.: Code defenders: a mutation testing game. In: International Conference on Software Testing, Verification and Validation Workshops (ICSTW), pp. 162–167 (2016). https://doi.org/10.1109/ICSTW.2016.43
Weir, C., Rashid, A., Noble, J.: Reaching the masses: a new subdiscipline of app programmer education. In: ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 936–939 (2016). https://doi.org/10.1145/2950290.2983981
Weir, C., Rashid, A., Noble, J.: I’d like to have an argument, please : using dialectic for effective app security. In: European Workshop on Usable Security (EuroUSEC) (2017)
Pedreira, O., García, F., Brisaboa, N., Piattini, M.: Gamification in software engineering – a systematic mapping. Inf. Softw. Technol. 57, 157–168 (2015). https://doi.org/10.1016/j.infsof.2014.08.007
Arai, S., Sakamoto, K., Washizaki, H., Fukazawa, Y.: A gamified tool for motivating developers to remove warnings of bug pattern tools. In: International Workshop on Empirical Software Engineering in Practice, pp. 37–42. IEEE (2014). https://doi.org/10.1109/IWESEP.2014.17
Barik, T., Murphy-Hill, E., Zimmermann, T.: A perspective on blending programming environments and games: Beyond points, badges, and leaderboards. In: IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC), pp. 134–142 (2016). https://doi.org/10.1109/VLHCC.2016.7739676
Lim, T., et al.: Serious game mechanics, workshop on the ludo-pedagogical mechanism. In: De Gloria, A. (ed.) GALA 2014. LNCS, vol. 9221, pp. 174–183. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22960-7_17
Harteveld, C.: Triadic Game Design: Balancing Reality, Meaning and Play. Springer, London (2011). https://doi.org/10.1007/978-1-84996-157-8
Arnab, S., et al.: Mapping learning and game mechanics for serious games analysis. Br. J. Educ. Technol. 46, 391–411 (2014)
Schonfeld, E.: SCVNGR’s Secret Game Mechanics Playdeck (2010). http://social.techcrunch.com/2010/08/25/scvngr-game-mechanics/
Djaouti, D., Alvarez, J., Jessel, J.-P., Methel, G., Molinier, P.: A gameplay definition through videogame classification. Int. J. Comput. Games Technol. 2008, 4:1–4:7 (2008). https://doi.org/10.1155/2008/470350
Guardiola, E.: The gameplay loop: a player activity model for game design and analysis. In: ACM International Conference on Advances in Computer Entertainment Technology (2016). https://doi.org/10.1145/3001773.3001791
Fullerton, T.: Game Design Workshop: A Playcentric Approach to Creating Innovative Games, 3rd edn. A K Peters/CRC Press, Natick (2014)
IJsselsteijn, W.A., de Kort, Y.A.W., Poels, K.: The Game Experience Questionnaire. Technische Universiteit Eindhoven, European Community - New and Emerging Science and Technology (NEST) Programme (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Maarek, M., Louchart, S., McGregor, L., McMenemy, R. (2019). Co-created Design of a Serious Game Investigation into Developer-Centred Security. In: Gentile, M., Allegra, M., Söbke, H. (eds) Games and Learning Alliance. GALA 2018. Lecture Notes in Computer Science(), vol 11385. Springer, Cham. https://doi.org/10.1007/978-3-030-11548-7_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-11548-7_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11547-0
Online ISBN: 978-3-030-11548-7
eBook Packages: Computer ScienceComputer Science (R0)