What Questions Remain? An Examination of How Developers Understand an Interactive Static Analysis Tool
نویسندگان
چکیده
Security vulnerabilities are often accidentally introduced as developers implement code. While there are a variety of existing tools to help detect security vulnerabilities, they are seldom used by developers due to the time or security expertise required. We are investigating techniques integrated within the IDE to help developers detect and mitigate security vulnerabilities. In previous work, we examined the questions developers ask when investigating security vulnerabilities with static analysis tools. With those questions as a lens, we now investigate our proposed approach of interactive static analysis. We evaluated the interactions and perceptions of professional developers as they interacted with warnings produced by our tool. Our results provide evidence that our approach effectively communicates security vulnerability information to software developers and provides design guidance for such tools.
منابع مشابه
SAPVis: An interactive system explorer
In this work we present SAPVis, an interactive network visualization tool which helps SAP developers track dependency graphs in their network in order to guide testing and find inefficiencies within their system. By using an non-static arc diagram layout coupled with user manipulation tools (filter, sort, zoom, pan, and resize by attribute) we show how our visualization can help developers view...
متن کاملJIT Feedback — what Experienced Developers like about Static Analysis
Although software developers are usually reluctant to use static analysis to detect issues in their source code, our automatic justin-time static analysis assistant was integrated into an Integrated Development Environment, and was evaluated positively by its users. We conducted interviews to understand the impact of the tool on experienced developers, and how it performs in comparison with oth...
متن کاملMeasuring the sense of medical justice towards health tourists visiting Mashhad hospitals in 1398
Abstract Introduction The existence of justice is one of the most important issues in medical practice.The aim of this study was to investigate the feeling of medical justice among health tourists visiting Mashhad hospitals. methods The present research method is descriptive-analytical. The research population included 202 medical tourists hospitalized in Mashhad hospitals in 1398. The data ...
متن کاملThe impact of 3-option responses to multiple-choice questions on guessing strategies and cut score determinations
Introduction: Research has asserted MCQ items using threeresponse options (one correct answer with two distractors) iscomparable to, and possibly preferable over, traditional MCQitem formats consisting of four response options (e.g., one correctanswer with three distractors), or five response options (e.g., onecorrect answer with four distractors). Some medical educatorshave also adopted the pr...
متن کاملInteractive Art Analysis Based on Baudrillard’s Hyper reality Theory, a Case Study of Digital Interactive installation
The contemporary philosopher Jean Baudrillard, one of the postmodernism theorists, considers representation in the contemporary world as a factor in the disappearance of reality. In his view, the main feature of new arts is not the expression of artistic beauty, but communication with the audience and expression of the artist’s ideas. In interactive art, the presence and role of the audience in...
متن کامل