Toward Effective Adoption of Security Practices
ABSTRACT
Security tools help developers identify potential vulnerabilities in their code. However, the use of security tools is not very common [2]. Sanctions are a way to enforce adoption of security practices. We address the research question of which sanctioning mechanism promotes adoption of security practices, and propose a simulation framework to explore sanctioning mechanisms [1] for greater adoption.
[1] L. G. Nardin, T. Balke-Visser, N. Ajmeri, A. K. Kalia, J. S. Sichman, and M. P. Singh. Classifying sanctions and designing a conceptual sanctioning process model for socio-technical systems. KER, 31:142–166, Mar. 2016.
[2] J. Witschey, O. Zielinska, A. Welk, E. Murphy-Hill, C. Mayhorn, and T. Zimmermann. Quantifying developers' adoption of security tools. In Proc. FSE, pages 260–271, Bergamo, Italy, 2015. ACM.