Cybersecurity Awareness Platform with Virtual Coach and Automated Challenge Assessment
This work addresses the need for improved cybersecurity awareness training for software developers in industrial settings, though it appears incremental as it builds on existing training programs.
The authors tackled the problem of increasing cyber-attacks on industrial control systems by developing a platform with a virtual coach and automated challenge assessment to train software developers in secure coding, with a survey showing positive acceptance from real-world players in academia and industry.
Over the last years, the number of cyber-attacks on industrial control systems has been steadily increasing. Among several factors, proper software development plays a vital role in keeping these systems secure. To achieve secure software, developers need to be aware of secure coding guidelines and secure coding best practices. This work presents a platform geared towards software developers in the industry that aims to increase awareness of secure software development. The authors also introduce an interactive game component, a virtual coach, which implements a simple artificial intelligence engine based on the laddering technique for interviews. Through a survey, a preliminary evaluation of the implemented artifact with real-world players (from academia and industry) shows a positive acceptance of the developed platform. Furthermore, the players agree that the platform is adequate for training their secure coding skills. The impact of our work is to introduce a new automatic challenge evaluation method together with a virtual coach to improve existing cybersecurity awareness training programs. These training workshops can be easily held remotely or off-line.