Programmer Cognition Failures as the Root Cause of Software Vulnerabilities: A Preliminary Review

Darsh Patel, Hetkumar Patel, Kazi Zakia Sultana, Vaibhav Anu

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

Abstract

The causal analysis of software vulnerabilities can be an effective way to build and evolve a dependable and reliable software system. Vulnerable source code can be leveraged by attackers to break the system. Assisting programmers so that they can avoid writing vulnerable code can cut down the effort and cost of protecting the software from security incidents. Security vulnerabilities can be prevented by identifying those root causes, related to programmer behavior, that are the recurring reasons for security bugs. Such repeated erroneous behavioral patterns have been termed human cognition failures or human errors. In the case of software development, these erroneous behavioral patterns can lead programmers to write vulnerable code. The goal of this research is to explore the available literature to identify frequently occurring programmer human errors in software implementation, so as to provide programmers with a handy list of cognitive issues that can be avoided by just being aware of them. Our literature review identified eight papers from which we extracted 20 human errors by programmers that have the potential to lead to writing vulnerable code.

Original language: English
Title of host publication: 2023 Intermountain Engineering, Technology and Computing, IETC 2023
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 242-246
Number of pages: 5
ISBN (Electronic): 9798350335903
State: Published - 2023
Event: 2023 Annual Intermountain Engineering, Technology and Computing, IETC 2023 - Provo, United States
Duration: 12 May 2023 - 13 May 2023

Publication series

Name: 2023 Intermountain Engineering, Technology and Computing, IETC 2023

Conference

Conference: 2023 Annual Intermountain Engineering, Technology and Computing, IETC 2023
Country/Territory: United States
City: Provo
Period: 12/05/23 - 13/05/23

Keywords

  • human error
  • secure software development
  • vulnerability
