1、Secure Software Development Education 2024 SurveyUnderstanding Current NeedsMarco Gerosa,Ph.D.,Northern Arizona University David A.Wheeler,Ph.D.,The Linux Foundation Stephen Hendrick,The Linux FoundationForeword by Christopher Robinson,Intel Dave Russo,Red HatJune 2024Training needs vary significant

2、ly based on professional roles and experience levels.Python is highly favored for language-specific training,with 71%of respondents expressing a preference,although C and Java are selected more frequently when respondents rank their top choices.57%of respondents identify AI and ML security as a crit

3、ical area for future innovation and attention in secure software development.56%of respondents see supply chain security as a crucial area needing increased focus and innovation.To start mitigating the need for more secure software development education,the OpenSSF selected Security Architecture as

4、the topic of a new course.Popular language-agnostic courses include security architecture(64%),security education and guidance(64%),and secure implementation(63%).53%of professionals,especially those in system operations(72%),have not taken a course on secure software development,largely due to the

5、lack of awareness about good courses(44%).Software developers with less than one year of experience report the highest lack of familiarity(75%)28%of professionals directly involved in software development are not familiar with secure software development.79%of professionals consider language-agnosti

6、c courses highly important,compared with 54%who attribute the same level of importance to language-specific courses.69%of professionals rely on on-the-job experience as a learning resource for secure software development,but it can take more than 5 years of such experience to achieve familiarity.50%