Abstract:
We cannot expect secure computing from the vast majority of software applications when they’re written with little, if any, knowledge of generally accepted good practices such as specifying before coding, systematic testing, and so on. Although using professional programmers doesn’t guarantee correctness, security, or maintainability, the lack of real understanding about software development by end-user programmers poses a danger to stakeholders associated with mission-critical systems from the standpoints of both correctness and security.