Challenges and approaches of performing canonical action research in software security: research paper

Cruzes, Daniela Soares; Jaatun, Martin Gilje; Oyetoyan, Tosin Daniel

Cruzes, Daniela Soares; Jaatun, Martin Gilje; Oyetoyan, Tosin Daniel

Chapter

Accepted version

View/Open

Microsoft+Word+-+HotSOS_Methodology_final+copy.docx+%28003%29.pdf (472.5Kb)

URI

http://hdl.handle.net/11250/2571490

Date

2018

Metadata

Show full item record

Collections

Publikasjoner fra CRIStin - SINTEF AS [4215]
SINTEF Digital [1638]

Original version

HoTSoS '18,Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, Raleigh, North Carolina, April 10-11, 2018, pp 11

Abstract

When studying work practices, it is important to obtain accurate and reliable information about how work is actually done. Action research is an interactive inquiry process that balances problemsolving actions implemented in a collaborative context with datadriven collaborative analysis or research to understand underlying causes enabling future predictions about personal and organizational change. Our research team has been engaged in action research in software organizations in Norway for two years. In this paper we describe some of the challenges in performing canonical action research in software security. We have structured the discussion of the challenges based on the principles of canonical action research, and we draw some lessons learned and future work towards improving the adoption of action research in software security research.