Conversational DevBots for Secure Programming: An Empirical Study on SKF Chatbot

Start Page
276
End Page
281
Citation
26th ACM International Conference on Evaluation and Assessment in Software Engineering (EASE 2022)
Contribution to Conference
26th ACM International Conference on Evaluation and Assessment in Software Engineering, EASE 2022  
Publisher DOI
10.1145/3530019.3535307
Scopus ID
2-s2.0-85132422240
Publisher
Association for Computing Machinery
ISBN
978-1-4503-9613-4
Conversational agents or chatbots are widely investigated and used across different fields including healthcare, education, and marketing. Still, the development of chatbots for assisting secure coding practices is in its infancy. In this paper, we present the results of an empirical study on SKF chatbot, a software-development bot (DevBot) designed to answer queries about software security. To the best of our knowledge, SKF chatbot is one of the very few of its kind, thus a representative instance of conversational DevBots aiding secure software development. In this study, we collect and analyse empirical evidence on the effectiveness of SKF chatbot, while assessing the needs and expectations of its users (i.e., software developers). Furthermore, we explore the factors that may hinder the elaboration of more sophisticated conversational security DevBots and identify features for improving the efficiency of state-of-the-art solutions. All in all, our findings provide valuable insights pointing towards the design of more context-aware and personalized conversational DevBots for security engineering.
Subjects
DevBot
Empirical study
Secure programming
Software Chatbot
DDC Class
600: Technology