Quick explanations

SE fundamentals and the description are based on SWEBOK. RSE equivalent terms and the description of RSE practice are based on the opinion of research software developers.

RSE awareness and RSE usage are coarse estimates of recognition/adoption of the practices for research software. 0=effectively no awareness/usage to 3=widespread awareness/usage. Sources for the estimates are noted in parentheses.

SER potential is a coarse estimate of the potential for additional software engineering research to increase the awareness/adoption by RSEs. 0=effectively no opportunity to 3=significant SE research would be beneficial. Opportunity briefly describes the software engineering research opportunity.

How to contribute

Use the comment section to suggest changes or discuss this term. Use Github discussions for discussion of the overall approach, or Github issues for specific concerns.

Term: Security pattern

Source: SWEBOK section 13.04.03

SE Fundamental RSE Equivalent
  • Security pattern
  • Security pattern (tentative)
Fundamental description RSE practice
A security pattern describes a particular recurring security problem that arises in a specific context and presents a well-proven generic solution. Many RSEs will have a general understanding of `patterns' as a concept and will accept that security patterns exist, but few will actually be familiar with them.
SER potential (source) and
opportunities 		RSE awareness (source) and
usage (sources)
3 (expert judgement) 0 (expert judgement)
Raising awareness of the importance and value of secure software development techniques, such as (specifically) security patterns. Are there (classes of) security patterns which would be particularly useful for research/scientific software? 0 (expert judgement)

Updated:

Comments