1 research outputs found
Fluid Intelligence Doesn't Matter! Effects of Code Examples on the Usability of Crypto APIs
Context: Programmers frequently look for the code of previously solved
problems that they can adapt for their own problem. Despite existing example
code on the web, on sites like Stack Overflow, cryptographic Application
Programming Interfaces (APIs) are co monly misused. There is little known about
what makes examples helpful for developers in using crypto APIs. Analogical
problem solving is a psychological theory that investigates how people use
known solutions to solve new problems. There is evidence that the capacity to
reason and solve novel problems a.k.a Fluid Intelligence (Gf ) and structurally
and procedurally similar solutions support problem solving. Aim: Our goal is to
understand whether similarity and Gf also have an effect in the context of
using cryptographic APIs with the help of code examples. Method: We conducted a
controlled experiment with 76 student participants developing with or without
procedurally similar examples, one of two Java crypto libraries and measured
the Gf of the participants as well as the effect on usability (effectiveness,
efficiency, satisfaction) and security bugs. Results: We observed a strong
effect of code examples with a high procedural similarity on all dependent
variables. Fluid intelligence Gf had no effect. It also made no difference
which library the participants used. Conclusions: Example code must be more
highly similar to a concrete solution, not very abstract and generic to have a
positive effect in a development task.Comment: 2 page