This page lists my research output to date. To obtain the open-access (free) version of a paper, click on the title below. If you’d like to send me feedback on my research, you can use the very short survey here: https://forms.office.com/e/3wUuwsAifx, or drop me an email at ita@itaryan.com and put “security” in the subject line. We researchers love feedback.
Training developers to code securely: Theory and practice
Proceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability · Apr 15, 2024.
Unhelpful assumptions in software security research
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security · Nov 15, 2023.
The state of secure coding practice: Small organisations and “lone, rogue coders”
2023 IEEE/ACM 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) · May 15, 2023.
Studying secure coding in the laboratory: Why, what, where, how, and who?
2023 IEEE/ACM 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) · May 15, 2023.
Measuring secure coding practice and culture: A finger pointing at the moon is not the moon
2023 IEEE/ACM 45th International Conference on Software Engineering (ICSE) · May 14, 2023.
Insecure software on a fragmenting Internet
2022 Cyber Research Conference-Ireland (Cyber-RCI) · Apr 25, 2022.
Understanding Developer Security Archetypes
2021 IEEE/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) · Jun 3, 2021.