Do Static Analysis Tools Improve Awareness and Attitude Toward Secure Software Development?

Do Static Analysis Tools Improve Awareness and Attitude Toward Secure Software Development?

연구 분야: Verification

학회: International Conference on the Quality of Information and Communications Technology

We conducted a preliminary qualitative investigation into the Bachelor’s students’ perception of the usefulness of a Static Analysis Tool (i.e., SonarCloud) in assessing software security. The results revealed that the students considered SonarCloud user-friendly, simple to set up, and easy to learn. Additionally, the students recognized an improvement in their awareness and attitude toward secure software development, as well as with the use of a tool widely adopted in both open-source communities and the software industry. The results suggest that the use of SonarCloud improves students’ software security skills, which are demanded by the labor market.