Sensei: Enforcing secure coding guidelines in the integrated development environment. (4th June 2020)
- Record Type:
- Journal Article
- Title:
- Sensei: Enforcing secure coding guidelines in the integrated development environment. (4th June 2020)
- Main Title:
- Sensei: Enforcing secure coding guidelines in the integrated development environment
- Authors:
- De Cremer, Pieter
Desmet, Nathan
Madou, Matias
De Sutter, Bjorn
- Abstract:
- Summary: We discuss the potential benefits, requirements, and implementation challenges of a security‐by‐design approach in which an integrated development environment plugin assists software developers to write code that complies with secure coding guidelines. We discuss how such a plugin can enable a company's policy‐setting security experts and developers to pass their knowledge on to each other more efficiently, and to let developers more effectively put that knowledge into practice. This is achieved by letting the team members develop customized rule sets that formalize coding guidelines and by letting the plugin check the compliance of code being written to those rule sets in real time, similar to an as‐you‐type spell checker. Upon detected violations, the plugin suggests options to quickly fix them and offers additional information for the developer. We share our experience with proof‐of‐concept designs and implementations rolled out in multiple companies, and present some future research and development directions.
- Is Part Of:
- Software, practice & experience. Volume 50:Number 9(2020)
- Journal:
- Software, practice & experience
- Issue:
- Volume 50:Number 9(2020)
- Issue Display:
- Volume 50, Issue 9 (2020)
- Year:
- 2020
- Volume:
- 50
- Issue:
- 9
- Issue Sort Value:
- 2020-0050-0009-0000
- Page Start:
- 1682
- Page End:
- 1718
- Publication Date:
- 2020-06-04
- Subjects:
- coding guidelines -- IDE support -- security by design -- software development
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3
- Journal URLs:
- http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/spe.2844
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 24578.xml