Software Developers’ Everyday Practices: Exploring How Security ‘Works’

Today, there is a general consensus that security should be a central part of software development. Yet, we have a little understanding of how this translates to day-to-day activities. To address this, we are seeking to understand software development practice and security from the perspective of software developers themselves.

This project will engage with a variety of organisations and developers through ‘ethnographic’ research – including participant observation, shadowing, interviewing, and through optional organisational workshops – to explore how security ‘works’. This means we do not take a stance on what is ‘good’ security practice as such – as this is an exploratory exercise to observe and understand what is currently happening on an interconnected basis.

We are currently recruiting participant organisations, and software developers, to help us do this. On the right of this webpage you can find further resources on how we seek to inform organisations that do get involved through providing different gradients of reports from the level of participation.

If you do want to find out more, please get in touch with Andrew Dwyer at andrew.dwyer@bristol.ac.uk.