Co-created Design of a Serious Game Investigation into Developer-Centred Security

  • Manuel MaarekEmail author
  • Sandy Louchart
  • Léon McGregor
  • Ross McMenemy
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11385)


The cyber security context requires to better understand how developers write (in)secure code and to assist them in their software developments. We have developed a secure coding experiment and serious game intervention. In this paper, we report on the design of a serious game to investigate developer-centred security. We used a combination of approaches to shape discussions and support the serious game co-creation.


Serious game Serious game design Cyber security Software security Developer-centred security 


  1. 1.
    Acar, Y., Stransky, C., Wermke, D., Mazurek, M.L., Fahl, S.: Security developer studies with GitHub users: exploring a convenience sample. In: Symposium on Usable Privacy and Security (SOUPS) (2017)Google Scholar
  2. 2.
    Tioh, J.N., Mina, M., Jacobson, D.W.: Cyber security training a survey of serious games in cyber security. In: IEEE Frontiers in Education Conference (FIE), pp. 1–5 (2017).
  3. 3.
    Hendrix, M., Al-Sherbaz, A., Bloom, V.: Game based cyber security training: are serious games suitable for cyber security training? Int. J. Serious Games 3, 53–61 (2016)CrossRefGoogle Scholar
  4. 4.
    Sommestad, T., Hallberg, J.: Cyber security exercises and competitions as a platform for cyber security experiments. In: Jøsang, A., Carlsson, B. (eds.) NordSec 2012. LNCS, vol. 7617, pp. 47–60. Springer, Heidelberg (2012). Scholar
  5. 5.
    Frey, S., Rashid, A., Anthonysamy, P., Pinto-Albuquerque, M., Naqvi, S.A.: The good, the bad and the ugly: a study of security decisions in a cyber-physical systems game. IEEE Trans. Softw. Eng. (2018).
  6. 6.
    Xie, T., Bishop, J., Tillmann, N., de Halleux, J.: Gamifying software security education and training via secure coding duels in code hunt. In: Symposium and Bootcamp on the Science of Security, pp. 26:1–26:2. ACM (2015).
  7. 7.
    Ruef, A., Hicks, M., Parker, J., Levin, D., Mazurek, M.L., Mardziel, P.: Build it, break it, fix it: contesting secure development. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 690–703 (2016).
  8. 8.
    Rojas, J.M., White, T.D., Clegg, B.S., Fraser, G.: Code defenders: crowdsourcing effective tests and subtle mutants with a mutation testing game. In: International Conference on Software Engineering, pp. 677–688. IEEE (2017).
  9. 9.
    Rojas, J.M., Fraser, G.: Code defenders: a mutation testing game. In: International Conference on Software Testing, Verification and Validation Workshops (ICSTW), pp. 162–167 (2016).
  10. 10.
    Weir, C., Rashid, A., Noble, J.: Reaching the masses: a new subdiscipline of app programmer education. In: ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 936–939 (2016).
  11. 11.
    Weir, C., Rashid, A., Noble, J.: I’d like to have an argument, please : using dialectic for effective app security. In: European Workshop on Usable Security (EuroUSEC) (2017)Google Scholar
  12. 12.
    Pedreira, O., García, F., Brisaboa, N., Piattini, M.: Gamification in software engineering – a systematic mapping. Inf. Softw. Technol. 57, 157–168 (2015). Scholar
  13. 13.
    Arai, S., Sakamoto, K., Washizaki, H., Fukazawa, Y.: A gamified tool for motivating developers to remove warnings of bug pattern tools. In: International Workshop on Empirical Software Engineering in Practice, pp. 37–42. IEEE (2014).
  14. 14.
    Barik, T., Murphy-Hill, E., Zimmermann, T.: A perspective on blending programming environments and games: Beyond points, badges, and leaderboards. In: IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC), pp. 134–142 (2016).
  15. 15.
    Lim, T., et al.: Serious game mechanics, workshop on the ludo-pedagogical mechanism. In: De Gloria, A. (ed.) GALA 2014. LNCS, vol. 9221, pp. 174–183. Springer, Cham (2015). Scholar
  16. 16.
    Harteveld, C.: Triadic Game Design: Balancing Reality, Meaning and Play. Springer, London (2011). Scholar
  17. 17.
    Arnab, S., et al.: Mapping learning and game mechanics for serious games analysis. Br. J. Educ. Technol. 46, 391–411 (2014)CrossRefGoogle Scholar
  18. 18.
    Schonfeld, E.: SCVNGR’s Secret Game Mechanics Playdeck (2010).
  19. 19.
    Djaouti, D., Alvarez, J., Jessel, J.-P., Methel, G., Molinier, P.: A gameplay definition through videogame classification. Int. J. Comput. Games Technol. 2008, 4:1–4:7 (2008). Scholar
  20. 20.
    Guardiola, E.: The gameplay loop: a player activity model for game design and analysis. In: ACM International Conference on Advances in Computer Entertainment Technology (2016).
  21. 21.
    Fullerton, T.: Game Design Workshop: A Playcentric Approach to Creating Innovative Games, 3rd edn. A K Peters/CRC Press, Natick (2014)CrossRefGoogle Scholar
  22. 22.
    IJsselsteijn, W.A., de Kort, Y.A.W., Poels, K.: The Game Experience Questionnaire. Technische Universiteit Eindhoven, European Community - New and Emerging Science and Technology (NEST) Programme (2013)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Heriot-Watt UniversityEdinburghUK
  2. 2.Glasgow School of ArtGlasgowUK

Personalised recommendations