Gaming DevSecOps - A Serious Game Pilot Study

2021 
Serious games provide a method for teaching students in an engaging, non-threatening way. To be useful educational tools, these games need to be designed with the lesson objectives in mind. This paper uses the Game Design Matrix to design a game from learning objectives. The lesson objectives focus on software development, security and operations (DevSecOps). DevSecOps requires judging the cost and risk trade offs between secure and unsecured software aspects including code, data and usability; devising a strategy to produce a system under threat; comprehending that partial security may equate to no security; and identifying examples of insecure code and methods of mitigating it. These lesson objectives combined with the teaching environment drive design decisions that produce a game that fits well into a graduate level course in secure software design and development. We evaluate the game in a graduate course on secure software design and development. Learner surveys confirm that DevSecOps conveys the learning objectives in an engaging way.
    • Correction
    • Source
    • Cite
    • Save
    • Machine Reading By IdeaReader
    18
    References
    0
    Citations
    NaN
    KQI
    []