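@comment{
  Conference paper (IETC 2023): a literature review of programmer human
  errors (cognition failures) that can lead to writing vulnerable code.
  Per the abstract, it extracts 20 such errors from eight papers.

  Maintenance notes for this record:
  - The citation key is an opaque export identifier; it is kept unchanged
    so existing citations keep resolving.
  - Author names are stored in "Last, First" form throughout. The export
    mixed two forms and brace-grouped one given name.
  - The export also carried a series field identical to booktitle. It is
    omitted here so styles that print series do not repeat the proceedings
    title. TODO confirm no style in use relies on that field.
  - The note field is kept verbatim from the export. The conference dates
    in it read as day-month-year, since a month value of 13 is not possible.
}
@inproceedings{018c87da154946f5a36af408c1a3c9e8,
  author    = {Patel, Darsh and Patel, Hetkumar and Sultana, Kazi Zakia and Anu, Vaibhav},
  title     = {Programmer Cognition Failures as the Root Cause of Software Vulnerabilities: A Preliminary Review},
  booktitle = {2023 Intermountain Engineering, Technology and Computing, IETC 2023},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  year      = {2023},
  pages     = {242--246},
  doi       = {10.1109/IETC57902.2023.10152150},
  language  = {English},
  keywords  = {human error, secure software development, vulnerability},
  note      = {Publisher Copyright: {\textcopyright} 2023 IEEE.; 2023 Annual Intermountain Engineering, Technology and Computing, IETC 2023 ; Conference date: 12-05-2023 Through 13-05-2023},
  abstract  = {The causal analysis of software vulnerabilities can be an effective way for building and evolving a dependable and reliable software system. Vulnerable source code can be leveraged by the attackers to break the system. Assisting the programmers so that they can avoid writing vulnerable code can cut down the effort and cost of protecting the software from security incidents. Security vulnerabilities can be prevented by identifying those programmer behavior related root causes that are the recurring reasons for the security bugs. Such repeated erroneous behavioral patterns have been coined as human cognition failures or human errors. In the case of software development, these erroneous behavioral patterns can lead the programmers to write vulnerable code. The goal of this research is to explore the available literature to identify frequently occurring programmer human errors in software implementation so as to provide programmers a handy list of cognitive issues that can be avoided by just being aware of them. Our literature review identified eight papers from where we extracted 20 human errors by programmers that have the potential to lead to writing vulnerable code.},
}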