University of Limerick
Nuseibeh_2019_Talking.pdf (1.15 MB)

Talking about security with professional developers

Download (1.15 MB)
conference contribution
posted on 2024-03-27, 16:16 authored by Tamara Lopez, Helen Sharp, Thein Tun, Arosha BandaraArosha Bandara, Mark Levine, Bashar NuseibehBashar Nuseibeh

This paper describes materials developed to engage professional developers in discussions about security. First, the work is framed in the context of ethnographic studies of software development, highlighting how the method is used to explore and investigate research aims for the Motivating Jenny research project. A description is given of a series of practitioner engage?ments, that were used to develop a reflection and discussion tool using security stories taken from media and internet sources. An explanation is given for how the tool has been used to collect data within field sites, offering a way to clarify and member check findings, and to provide a different view on practice and process.The report concludes with observations and notes about future aims for supporting and encouraging professionals to engage with security in practice.



2019 IEEE/ACM Joint 7th International Workshop on Conducting Empirical Studies in Industry (CESI) and 6th International Workshop on Software Engineering Research and Industrial Practice (SER&IP), Montreal, QC, Canada, 2019, pp. 34-40


Institute of Electrical and Electronics Engineers

Other Funding information

We thank the professional developers who participated in our workshops. The work was supported by the National Cyber Security Centre (NCSC). Nuseibeh thanks SFI, EPSRC and ERC for financial support


© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.”

Also affiliated with

  • LERO - The Science Foundation Ireland Research Centre for Software

Sustainable development goals

  • (4) Quality Education

Usage metrics

    University of Limerick


    Ref. manager