LadderBot: A Requirements Self-Elicitation System

Rietz, Tim; Maedche, Alexander

doi:10.1109/re.2019.00045

Cited by 20 publications

(16 citation statements)

References 27 publications

(39 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Rietz et al [17], show how to apply the principles of the laddering interview technique for requirements elicitation. The laddering technique consists of issuing a series of questions that are based on previous system states (i.e., previous answers and previous questions).…”

Section: Related Workmentioning

confidence: 99%

Cybersecurity Awareness Platform with Virtual Coach and Automated Challenge Assessment

Gasiba

Lechner

Pinto-Albuquerque

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Over the last years, the number of cyber-attacks on industrial control systems has been steadily increasing. Among several factors, proper software development plays a vital role in keeping these systems secure. To achieve secure software, developers need to be aware of secure coding guidelines and secure coding best practices. This work presents a platform geared towards software developers in the industry that aims to increase awareness of secure software development. The authors also introduce an interactive game component, a virtual coach, which implements a simple artificial intelligence engine based on the laddering technique for interviews. Through a survey, a preliminary evaluation of the implemented artifact with real-world players (from academia and industry) shows a positive acceptance of the developed platform. Furthermore, the players agree that the platform is adequate for training their secure coding skills. The impact of our work is to introduce a new automatic challenge evaluation method together with a virtual coach to improve existing cybersecurity awareness training programs. These training workshops can be easily held remotely or off-line.

show abstract

Section: Related Workmentioning

confidence: 99%

Cybersecurity Awareness Platform with Virtual Coach and Automated Challenge Assessment

Gasiba

Lechner

Pinto-Albuquerque

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Our work is also based on previous studies on challenges/exercises for teaching computer science, in particular related to IT security (Švábenskỳ et al 2018;Hulin et al 2017;Chapman et al 2014;Mirkovic and Peterson 2014;Leune and Petrilli Jr 2017;Tabassum et al 2018). The present work also makes use of artificial intelligence (AI) methods; in particular, it makes use of the lettering interview technique (Rietz and Maedche 2019). To evaluate our approach in terms of research questions, we follow best practices on survey design and follow standard existing analysis methodologies (Groves et al 2009;Drever 1995;Harrell and Bradley 2009;Wagner et al 2020 In their work, Graziotin et al 2018 argue that happy developers are better coders.…”

Section: Previous Workmentioning

confidence: 99%

“…Nonetheless, we draw inspiration from the conceptual framework, which we adapt to our scenario. Rietz et al 2019, show how to apply the laddering interview technique's principles to requirements elicitation. The laddering technique consists of issuing a series of questions based on previous system states (i.e., previous answers and previous questions).…”

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach

2020

View full text Add to dashboard Cite

Software vulnerabilities, when actively exploited by malicious parties, can lead to catastrophic consequences. Proper handling of software vulnerabilities is essential in the industrial context, particularly when the software is deployed in critical infrastructures. Therefore, several industrial standards mandate secure coding guidelines and industrial software developers’ training, as software quality is a significant contributor to secure software. CyberSecurity Challenges (CSC) form a method that combines serious game techniques with cybersecurity and secure coding guidelines to raise secure coding awareness of software developers in the industry. These cybersecurity awareness events have been used with success in industrial environments. However, until now, these coached events took place on-site. In the present work, we briefly introduce cybersecurity challenges and propose a novel platform that allows these events to take place online. The introduced cybersecurity awareness platform, which the authors call Sifu, performs automatic assessment of challenges in compliance to secure coding guidelines, and uses an artificial intelligence method to provide players with solution-guiding hints. Furthermore, due to its characteristics, the Sifu platform allows for remote (online) learning, in times of social distancing. The CyberSecurity Challenges events based on the Sifu platform were evaluated during four online real-life CSC events. We report on three surveys showing that the Sifu platform’s CSC events are adequate to raise industry software developers awareness on secure coding.

show abstract

“…Much of the process can be painstaking and repetitive [46]. This challenge is further aggravated with access to more massive datasets with new possibilities for scalable data collection [36,42], causing coding to lose reliability and become intractable [1,6].…”

Section: Introductionmentioning

confidence: 99%