PROLEPSIS: Binary Analysis and Instrumentation of IoT Software for Control-Flow Integrity

Application security has become increasingly important as organizations digitally transform and rely more on software to operate. However, balancing security with competing development priorities like speed and new features presents ongoing challenges for program managers responsible for overseeing application projects. This study explored the perspectives of 10 cybersecurity program managers through interviews to understand their approaches to security governance and the common obstacles faced. Key challenges included pressuring developers focused on rapid delivery to also consider threats, limited security testing resources, and difficulty prioritizing among risks. However, establishing security requirements early in planning and integrating validation checks directly into workflows helped shift security left. Close collaboration between functions and leadership support for proper training and staffing also aided prioritization. While generalizability was limited, data saturation was reached on major themes. Establishing security guidelines upfront aligned with frameworks, yet deeper cultural changes may still be needed at firms resistant to oversight. Metrics and skills shortages also require attention. The research validated the pivotal role of program managers and provided insights into both barriers and effective practices, with implications for process improvements and leadership support to strengthen application defences.

show abstract

PROLEPSIS: Binary Analysis and Instrumentation of IoT Software for Control-Flow Integrity

Cited by 2 publications

References 25 publications

Real-Time Control-Flow Integrity for Multicore Mixed-Criticality IoT Systems

Real-Time Control-Flow Integrity for Multicore Mixed-Criticality IoT Systems

Application Security: The Perspective of a Program Manager

Contact Info

Product

Resources

About