《Linux基金会&OpenSSF：2024年安全软件开发教育调查报告：了解当前需求（英文版）（64页）.pdf》由会员分享，可在线阅读，更多相关《Linux基金会&OpenSSF：2024年安全软件开发教育调查报告：了解当前需求（英文版）（64页）.pdf（64页珍藏版）》请在三个皮匠报告上搜索。

1、Secure Software Development Education 2024 SurveyUnderstanding Current NeedsMarco Gerosa,Ph.D.,Northern Arizona University David A.Wheeler,Ph.D.,The Linux Foundation Stephen Hendrick,The Linux FoundationForeword by Christopher Robinson,Intel Dave Russo,Red HatJune 2024Training needs vary significant

2、ly based on professional roles and experience levels.Python is highly favored for language-specific training,with 71%of respondents expressing a preference,although C and Java are selected more frequently when respondents rank their top choices.57%of respondents identify AI and ML security as a crit

3、ical area for future innovation and attention in secure software development.56%of respondents see supply chain security as a crucial area needing increased focus and innovation.To start mitigating the need for more secure software development education,the OpenSSF selected Security Architecture as

4、the topic of a new course.Popular language-agnostic courses include security architecture(64%),security education and guidance(64%),and secure implementation(63%).53%of professionals,especially those in system operations(72%),have not taken a course on secure software development,largely due to the

5、lack of awareness about good courses(44%).Software developers with less than one year of experience report the highest lack of familiarity(75%)28%of professionals directly involved in software development are not familiar with secure software development.79%of professionals consider language-agnosti

6、c courses highly important,compared with 54%who attribute the same level of importance to language-specific courses.69%of professionals rely on on-the-job experience as a learning resource for secure software development,but it can take more than 5 years of such experience to achieve familiarity.50%