{"id":"https://openalex.org/W4396882206","doi":"https://doi.org/10.1145/3658644.3690283","title":"Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns","display_name":"Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4396882206","doi":"https://doi.org/10.1145/3658644.3690283"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3690283","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690283","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690283","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690283","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5037107748","display_name":"Jan H. Klemmer","orcid":"https://orcid.org/0000-0002-6994-7206"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Jan H. Klemmer","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Hanover, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Hanover, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072575822","display_name":"Stefan Albert Horstmann","orcid":"https://orcid.org/0000-0002-4053-0706"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Stefan Albert Horstmann","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051075311","display_name":"Nikhil Patnaik","orcid":"https://orcid.org/0000-0002-8055-3750"},"institutions":[{"id":"https://openalex.org/I36234482","display_name":"University of Bristol","ror":"https://ror.org/0524sp257","country_code":"GB","type":"education","lineage":["https://openalex.org/I36234482"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Nikhil Patnaik","raw_affiliation_strings":["University of Bristol, Bristol, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Bristol, Bristol, United Kingdom","institution_ids":["https://openalex.org/I36234482"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5097605601","display_name":"Cordelia Ludden","orcid":null},"institutions":[{"id":"https://openalex.org/I121934306","display_name":"Tufts University","ror":"https://ror.org/05wvpxv85","country_code":"US","type":"education","lineage":["https://openalex.org/I121934306"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cordelia Ludden","raw_affiliation_strings":["Tufts University, Medford, MA, USA"],"affiliations":[{"raw_affiliation_string":"Tufts University, Medford, MA, USA","institution_ids":["https://openalex.org/I121934306"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113206704","display_name":"Cordell Burton","orcid":null},"institutions":[{"id":"https://openalex.org/I121934306","display_name":"Tufts University","ror":"https://ror.org/05wvpxv85","country_code":"US","type":"education","lineage":["https://openalex.org/I121934306"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cordell Burton","raw_affiliation_strings":["Tufts University, Medford, MA, USA"],"affiliations":[{"raw_affiliation_string":"Tufts University, Medford, MA, USA","institution_ids":["https://openalex.org/I121934306"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113206705","display_name":"Carson Powers","orcid":null},"institutions":[{"id":"https://openalex.org/I121934306","display_name":"Tufts University","ror":"https://ror.org/05wvpxv85","country_code":"US","type":"education","lineage":["https://openalex.org/I121934306"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carson Powers","raw_affiliation_strings":["Tufts University, Medford, MA, USA"],"affiliations":[{"raw_affiliation_string":"Tufts University, Medford, MA, USA","institution_ids":["https://openalex.org/I121934306"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085639552","display_name":"Fabio Massacci","orcid":"https://orcid.org/0000-0002-1091-8486"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]},{"id":"https://openalex.org/I865915315","display_name":"Vrije Universiteit Amsterdam","ror":"https://ror.org/008xxew50","country_code":"NL","type":"education","lineage":["https://openalex.org/I865915315"]}],"countries":["IT","NL"],"is_corresponding":false,"raw_author_name":"Fabio Massacci","raw_affiliation_strings":["Vrije Universiteit Amsterdam &amp; University of Trento, Amsterdam, Netherlands"],"affiliations":[{"raw_affiliation_string":"Vrije Universiteit Amsterdam &amp; University of Trento, Amsterdam, Netherlands","institution_ids":["https://openalex.org/I193223587","https://openalex.org/I865915315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069063267","display_name":"Akond Rahman","orcid":"https://orcid.org/0000-0002-5056-757X"},"institutions":[{"id":"https://openalex.org/I82497590","display_name":"Auburn University","ror":"https://ror.org/02v80fc35","country_code":"US","type":"education","lineage":["https://openalex.org/I82497590"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Akond Rahman","raw_affiliation_strings":["Auburn University, Auburn, AL, USA"],"affiliations":[{"raw_affiliation_string":"Auburn University, Auburn, AL, USA","institution_ids":["https://openalex.org/I82497590"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068333184","display_name":"Daniel Votipka","orcid":"https://orcid.org/0000-0001-9985-250X"},"institutions":[{"id":"https://openalex.org/I121934306","display_name":"Tufts University","ror":"https://ror.org/05wvpxv85","country_code":"US","type":"education","lineage":["https://openalex.org/I121934306"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daniel Votipka","raw_affiliation_strings":["Tufts University, Medford, MA, USA"],"affiliations":[{"raw_affiliation_string":"Tufts University, Medford, MA, USA","institution_ids":["https://openalex.org/I121934306"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019527252","display_name":"Heather Richter Lipford","orcid":"https://orcid.org/0000-0002-5261-0148"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Heather Richter Lipford","raw_affiliation_strings":["UNC Charlotte, Charlotte, NC, USA"],"affiliations":[{"raw_affiliation_string":"UNC Charlotte, Charlotte, NC, USA","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034962802","display_name":"Awais Rashid","orcid":"https://orcid.org/0000-0002-0109-1341"},"institutions":[{"id":"https://openalex.org/I36234482","display_name":"University of Bristol","ror":"https://ror.org/0524sp257","country_code":"GB","type":"education","lineage":["https://openalex.org/I36234482"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Awais Rashid","raw_affiliation_strings":["University of Bristol, Bristol, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University of Bristol, Bristol, United Kingdom","institution_ids":["https://openalex.org/I36234482"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079036523","display_name":"Alena Naiakshina","orcid":"https://orcid.org/0009-0008-1843-2027"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Alena Naiakshina","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087356408","display_name":"Sascha Fahl","orcid":"https://orcid.org/0000-0002-5644-3316"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sascha Fahl","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Hanover, Germany"],"affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Hanover, Germany","institution_ids":["https://openalex.org/I4210128801"]}]}],"institutions":[],"countries_distinct_count":5,"institutions_distinct_count":13,"corresponding_author_ids":["https://openalex.org/A5037107748"],"corresponding_institution_ids":["https://openalex.org/I4210128801"],"apc_list":null,"apc_paid":null,"fwci":1.9849,"has_fulltext":true,"cited_by_count":17,"citation_normalized_percentile":{"value":0.86696646,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"2726","last_page":"2740"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.9882000088691711,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},"topics":[{"id":"https://openalex.org/T11636","display_name":"Artificial Intelligence in Healthcare and Education","score":0.9882000088691711,"subfield":{"id":"https://openalex.org/subfields/2718","display_name":"Health Informatics"},"field":{"id":"https://openalex.org/fields/27","display_name":"Medicine"},"domain":{"id":"https://openalex.org/domains/4","display_name":"Health Sciences"}},{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.9803000092506409,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9409999847412109,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7334878444671631},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.6530840992927551},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.584607720375061},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.532592236995697},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5153043270111084},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5025358200073242},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.48868826031684875},{"id":"https://openalex.org/keywords/personal-software-process","display_name":"Personal software process","score":0.4475741982460022},{"id":"https://openalex.org/keywords/software-peer-review","display_name":"Software peer review","score":0.44580942392349243},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3913707435131073},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.3190329074859619},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.22623693943023682},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.12136057019233704}],"concepts":[{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7334878444671631},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.6530840992927551},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.584607720375061},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.532592236995697},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5153043270111084},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5025358200073242},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.48868826031684875},{"id":"https://openalex.org/C39890963","wikidata":"https://www.wikidata.org/wiki/Q1702721","display_name":"Personal software process","level":5,"score":0.4475741982460022},{"id":"https://openalex.org/C74579156","wikidata":"https://www.wikidata.org/wiki/Q7554342","display_name":"Software peer review","level":5,"score":0.44580942392349243},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3913707435131073},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.3190329074859619},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.22623693943023682},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.12136057019233704},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":8,"locations":[{"id":"doi:10.1145/3658644.3690283","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690283","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690283","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:research.vu.nl:publications/8a3a2a30-4ce6-4e27-9eab-469c38f7130d","is_oa":true,"landing_page_url":"https://research.vu.nl/en/publications/8a3a2a30-4ce6-4e27-9eab-469c38f7130d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Klemmer, J H, Horstmann, S A, Patnaik, N, Ludden, C, Burton, C, Powers, C, Massacci, F, Rahman, A, Votipka, D, Lipford, H R, Rashid, A, Naiakshina, A & Fahl, S 2024, Using AI Assistants in Software Development : A Qualitative Study on Security Practices and Concerns. in CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, pp. 2726-2740, 31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024, Salt Lake City, United States, 14/10/24. https://doi.org/10.1145/3658644.3690283","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:arXiv.org:2405.06371","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2405.06371","pdf_url":"https://arxiv.org/pdf/2405.06371","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:iris.unitn.it:11572/455771","is_oa":true,"landing_page_url":"https://hdl.handle.net/11572/455771","pdf_url":"https://iris.unitn.it/bitstream/11572/455771/1/2405.06371v2.pdf","source":{"id":"https://openalex.org/S4306401913","display_name":"Institutional Research Information System (Universit\u00e0 degli Studi di Trento)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I193223587","host_organization_name":"University of Trento","host_organization_lineage":["https://openalex.org/I193223587"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"},{"id":"pmh:oai:research-information.bris.ac.uk:openaire_cris_publications/045b2dc8-621c-4d21-940b-8ea5dd5d6e06","is_oa":true,"landing_page_url":"https://research-information.bris.ac.uk/en/publications/045b2dc8-621c-4d21-940b-8ea5dd5d6e06","pdf_url":"https://research-information.bris.ac.uk/files/463995770/2405.06371v2.pdf","source":{"id":"https://openalex.org/S7407055359","display_name":"Explore Bristol Research","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Klemmer, J H, Horstmann, S A, Patnaik, N, Ludden, C, Jr., C B, Powers, C, Massacci, F, Rahman, A, Votipka, D, Lipford, H R, Rashid, A, Naiakshina, A & Fahl, S 2024, Using AI Assistants in Software Development : A Qualitative Study on Security Practices and Concerns. in B Luo, X Liao, J Xu, E Kirda & D Lie (eds), CCS '24 : Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, ACM SIGGRAPH, pp. 2726-2740. https://doi.org/10.1145/3658644.3690283","raw_type":"contributionToPeriodical"},{"id":"pmh:doi:10.60882/cispa.28457690","is_oa":true,"landing_page_url":"https://arxiv.org/abs/2405.06371","pdf_url":null,"source":{"id":"https://openalex.org/S4406922384","display_name":"Open MIND","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Conference contribution"},{"id":"pmh:oai:research-information.bris.ac.uk:openaire/045b2dc8-621c-4d21-940b-8ea5dd5d6e06","is_oa":true,"landing_page_url":"https://hdl.handle.net/1983/045b2dc8-621c-4d21-940b-8ea5dd5d6e06","pdf_url":null,"source":{"id":"https://openalex.org/S7407055359","display_name":"Explore Bristol Research","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Klemmer, J H, Horstmann, S A, Patnaik, N, Ludden, C, Jr., C B, Powers, C, Massacci, F, Rahman, A, Votipka, D, Lipford, H R, Rashid, A, Naiakshina, A & Fahl, S 2024, Using AI Assistants in Software Development : A Qualitative Study on Security Practices and Concerns. in B Luo, X Liao, J Xu, E Kirda & D Lie (eds), CCS '24 : Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, ACM SIGGRAPH, pp. 2726-2740. https://doi.org/10.1145/3658644.3690283","raw_type":"contributionToPeriodical"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/8a3a2a30-4ce6-4e27-9eab-469c38f7130d","is_oa":true,"landing_page_url":"https://hdl.handle.net/1871.1/8a3a2a30-4ce6-4e27-9eab-469c38f7130d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Klemmer, J H, Horstmann, S A, Patnaik, N, Ludden, C, Burton, C, Powers, C, Massacci, F, Rahman, A, Votipka, D, Lipford, H R, Rashid, A, Naiakshina, A & Fahl, S 2024, Using AI Assistants in Software Development : A Qualitative Study on Security Practices and Concerns. in CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, Inc, pp. 2726-2740, 31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024, Salt Lake City, United States, 14/10/24. https://doi.org/10.1145/3658644.3690283","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1145/3658644.3690283","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690283","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690283","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.44999998807907104}],"awards":[{"id":"https://openalex.org/G106298974","display_name":"Equitable privacy","funder_award_id":"EP/W025361/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G1461212393","display_name":null,"funder_award_id":"EP/V011189/1","funder_id":"https://openalex.org/F4320310077","funder_display_name":"National Research Centre"},{"id":"https://openalex.org/G1547899140","display_name":"SNAP: Scalable Non-destructive Atom Probing for Quantum Computing","funder_award_id":"23123","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G1851371107","display_name":"Causes and Remediation of the Predecisional Distortion of Information","funder_award_id":"0112039","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G18682879","display_name":null,"funder_award_id":"390781972","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G2397431852","display_name":null,"funder_award_id":"2247141","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G2948339694","display_name":"REPHRAIN: Research centre on Privacy, Harm Reduction and Adversarial Influence online","funder_award_id":"EP/V011189/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G303350058","display_name":null,"funder_award_id":"EP/P011799/2","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G3330119427","display_name":null,"funder_award_id":"EPSRC","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3514550006","display_name":null,"funder_award_id":"Centre","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G4731965396","display_name":null,"funder_award_id":"KICH1.VE01.20.004","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G510361925","display_name":null,"funder_award_id":"101120393","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5106512922","display_name":null,"funder_award_id":"Deutsche Forschungsgemeinschaft (DFG","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G5207890969","display_name":null,"funder_award_id":"EP/P011799/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5323896247","display_name":null,"funder_award_id":"EP/W025361/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5365867299","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G5717916917","display_name":null,"funder_award_id":"39078197","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"},{"id":"https://openalex.org/G5973023061","display_name":"Experience and Teleology in Ancient Narrative","funder_award_id":"312321","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G7804310422","display_name":"Valorising a plant protection method","funder_award_id":"22471","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G8031784425","display_name":null,"funder_award_id":"2312321","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G8051717526","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8318064016","display_name":null,"funder_award_id":"Horizon","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8410974129","display_name":null,"funder_award_id":"2247141,2312321","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G895001607","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320310077","display_name":"National Research Centre","ror":"https://ror.org/02n85j827"},{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"},{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"},{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4396882206.pdf"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W2511044583","https://openalex.org/W2511548333","https://openalex.org/W2605067380","https://openalex.org/W2624735790","https://openalex.org/W2907964905","https://openalex.org/W2976517144","https://openalex.org/W3017863658","https://openalex.org/W3162287891","https://openalex.org/W3175998072","https://openalex.org/W3213232997","https://openalex.org/W3216637875","https://openalex.org/W4284700822","https://openalex.org/W4288057765","https://openalex.org/W4299818415","https://openalex.org/W4308410894","https://openalex.org/W4320560161","https://openalex.org/W4388858722","https://openalex.org/W4388858772","https://openalex.org/W4389523721","https://openalex.org/W4396790452","https://openalex.org/W4396832043","https://openalex.org/W4396832466"],"related_works":["https://openalex.org/W2052544251","https://openalex.org/W1985408088","https://openalex.org/W3186869374","https://openalex.org/W2186532739","https://openalex.org/W4239398052","https://openalex.org/W4237991740","https://openalex.org/W2498879926","https://openalex.org/W2382994508","https://openalex.org/W2984930913","https://openalex.org/W403164"],"abstract_inverted_index":{"Following":[0],"the":[1,14,113,125,181],"recent":[2,34],"release":[3],"of":[4,124],"AI":[5,30,49,63,117,141,160,193,195,213],"assistants,":[6],"such":[7],"as":[8],"OpenAI's":[9],"ChatGPT":[10],"and":[11,52,72,75,97,107,127,135,151,201,207],"GitHub":[12],"Copilot,":[13],"software":[15,22,46,60,67,82,90,93,120,188,215],"industry":[16],"quickly":[17],"utilized":[18],"these":[19],"tools":[20],"for":[21,31,119,143,177,187,203],"development":[23],"tasks,":[24,145,206],"e.g.,":[25,146],"generating":[26],"code":[27,40,147],"or":[28],"consulting":[29],"advice.":[32],"While":[33],"research":[35],"has":[36],"demonstrated":[37],"that":[38,131],"AI-generated":[39],"can":[41],"contain":[42],"security":[43,53,70,98,134,178,200,205],"issues,":[44],"how":[45,59],"professionals":[47,61,189],"balance":[48],"assistant":[50],"usage":[51],"remains":[54],"unclear.":[55],"This":[56],"paper":[57],"investigates":[58],"use":[62,140,176],"assistants":[64,118,142],"in":[65,162,180,214],"secure":[66,81],"development,":[68],"what":[69,76],"implications":[71],"considerations":[73],"arise,":[74],"impact":[77],"they":[78,169],"foresee":[79],"on":[80],"development.":[83,121,216],"We":[84,100,183],"conducted":[85],"27":[86],"semi-structured":[87],"interviews":[88,126],"with":[89,185],"professionals,":[91],"including":[92],"engineers,":[94],"team":[95],"leads,":[96],"testers.":[99],"also":[101],"reviewed":[102],"190":[103],"relevant":[104],"Reddit":[105,128],"posts":[106,129],"comments":[108],"to":[109,158,165,190,197,210],"gain":[110],"insights":[111],"into":[112],"current":[114],"discourse":[115],"surrounding":[116],"Our":[122],"analysis":[123],"finds":[130],"despite":[132],"many":[133],"quality":[136],"concerns,":[137],"participants":[138],"widely":[139],"security-critical":[144],"generation,":[148],"threat":[149],"modeling,":[150],"vulnerability":[152],"detection.":[153],"Their":[154],"overall":[155],"mistrust":[156],"leads":[157],"checking":[159],"suggestions":[161],"similar":[163],"ways":[164],"human":[166],"code,":[167],"although":[168],"expect":[170],"improvements":[171],"and,":[172],"therefore,":[173],"a":[174],"heavier":[175],"tasks":[179],"future.":[182],"conclude":[184],"recommendations":[186],"critically":[191],"check":[192],"suggestions,":[194],"creators":[196],"improve":[198],"suggestion":[199],"capabilities":[202],"ethical":[204],"academic":[208],"researchers":[209],"consider":[211],"general-purpose":[212]},"counts_by_year":[{"year":2026,"cited_by_count":7},{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-15T08:11:43.952461","created_date":"2024-05-14T00:00:00"}