News Story

Mazurek Wins NSF Award to Improve Secure Software Development


Also see...


News Search

News Archives

Events Calendar

Mazurek Wins NSF Award to Improve Secure Software Development

A University of Maryland expert in cybersecurity and human-computer interaction has won a National Science Foundation (NSF) Faculty Early Career Development (CAREER) award to improve the validity and reliability of developer-centered software security research.

Michelle Mazurek, an assistant professor of computer science and a core faculty member in the Maryland Cybersecurity Center, is principal investigator of the NSF award, expected to total approximately $550,000 over five years.

The funding supports Mazurek’s efforts to improve the development of secure software by empirically establishing best practices and tradeoffs, building on already established best practices from the usable security and empirical software engineering communities.

Despite significant technical advances in software security, insecure software remains a common problem, sometimes with disastrous results, Mazurek says. Solving this problem will require understanding how human decision-making interacts with technology in the process of secure software development.

Studying these human factors is typically expensive, time-consuming and difficult, Mazurek explains. Professional software developers are typically a small and hard-to-reach study population, and their work is a complex task that can be hard to mimic in a study environment.

Mazurek plans to undertake a series of methodological studies and experiments in three key areas: (a) how to design appropriate programming tasks; (b) how to choose a study environment that effectively balances experimental control with ecological validity; and (c) how to measure relevant outcomes such as developer self-efficacy and application program interface (API) usability.

She will then test these critical questions of study design across multiple underlying research questions, such as comparisons of APIs, documentation resources, and security tools.

By conducting a variety of experiments directly comparing the effects of different experimental design choices on studies of human-centered secure development, Mazurek’s project aims to help future researchers design better experiments and deploy their resources as effectively as possible.

The outcomes will be synthesized into comprehensive guidelines to help researchers conduct better studies, acquire stronger evidence, and therefore improve the process of secure development.

Mazurek received her doctorate in electrical and computer engineering from Carnegie Mellon University in 2014.

—Story by Melissa Brachfeld

CAREER: Improving the Reliability of Human-Centered Secure-Development Research” is supported by NSF grant #1943215 from the NSF’s Division of Computer and Network Systems.

PI: Michelle Mazurek, assistant professor of computer science with appointments in the University of Maryland Institute for Advanced Computer Studies and the Maryland Cybersecurity Center.

About the CAREER award: The Faculty Early Career Development (CAREER) Program is an NSF activity that offers the foundation’s most prestigious awards in support of junior faculty who exemplify the role of teacher-scholars through outstanding research, excellent education and the integration of education and research within the context of the mission of their organization.

Related Articles:
Lampropoulos Receives $540K NSF Award to Advance Proof Engineering Software and Protocols
Maryland Cybersecurity Center Kicks Off Second Year of Postdoctoral Fellowship Program
As New Director, Mazurek Expands on MC2’s Momentum
UMD Team Wins Distinguished Paper Award for Uncovering New Type of Cyberattack
New Postdocs Bring Expertise in Secure Software Development and Usable Security and Privacy to MC2
MC2 Researchers Present 10 Papers at Upcoming Security Symposiums
Mazurek Named Co-Director of Maryland Cybersecurity Center
New MC2 Postdoctoral Fellow Brings Expertise in Cryptography to UMD Campus
New Faculty Member Brings Wide Range of Secure Software Development Skills
Graduating Students and Postdocs Affiliated with MC2 Accept Positions in Academia and Industry

March 11, 2020

Prev   Next

Clark School        UMIACS   CMNS