Do Static Analysis Tools Improve Awareness and Attitude Toward Secure Software Development?
Published in Proceedings of 17th International Conference on the Quality of Information and Communications Technology (QUATIC), 2024
Abstract: We conducted a preliminary qualitative investigation into the Bachelor’s students’ perception of the usefulness of a Static Analysis Tool (i.e., SonarCloud) in assessing software security. The results revealed that the students considered SonarCloud user-friendly, simple to set up, and easy to learn. Additionally, the students recognized an improvement in their awareness and attitude toward secure software development, as well as with the use of a tool widely adopted in both open-source communities and the software industry. The results suggest that the use of SonarCloud improves students’ software security skills, which are demanded by the labor market.
Recommended citation: Nocera, S., Romano, S., Di Nucci, D., Francese, R., Palomba, F., Scanniello, G. (2024). Do Static Analysis Tools Improve Awareness and Attitude Toward Secure Software Development?. In: Bertolino, A., Pascoal Faria, J., Lago, P., Semini, L. (eds) Quality of Information and Communications Technology. QUATIC 2024. Communications in Computer and Information Science, vol 2178. Springer, Cham. p. 399–407. https://doi.org/10.1007/978-3-031-70245-7_28