sponsors
help promote
usenix conference policies
Build It Break It: Measuring and Comparing Development Security
Andrew Ruef, Michael Hicks, James Parker, Dave Levin, Atif Memon, Jandelyn Plane, and Piotr Mardziel, University of Maryland, College Park
There is currently little evidence about what tools, methods, processes, and languages lead to secure software. We present the experimental design of the Build it Break it secure programming contest as an aim to provide such evidence. The contest also provides education value to participants where they gain experience developing programs in an adversarial settings. We show preliminary results from previous runs of the contest that demonstrate the contest works as designed, and provides the data desired. We are in the process of scaling the contest to collect larger data sets with the goal of making statistically significant correlations between various factors of development and software security.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Andrew Ruef and Michael Hicks and James Parker and Dave Levin and Atif Memon and Jandelyn Plane and Piotr Mardziel},
title = {Build It Break It: Measuring and Comparing Development Security},
booktitle = {8th Workshop on Cyber Security Experimentation and Test (CSET 15)},
year = {2015},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/cset15/workshop-program/presentation/ruef},
publisher = {USENIX Association},
month = aug
}
connect with us