Adopting Structured Security Testing:
Exploring the Diffusion of Cybersecurity Practices in DoD Waterfall Development
I, Michael R. Smith, am a doctoral student at Capella University and invite you to participate in my capstone research study. This research is part of the researcher’s doctoral education program. The purpose of my study is to explore the perceptions of software developers in DoD contracting firms on how cybersecurity principles—especially structured security testing—are perceived, adopted, and diffused throughout the phases of the waterfall development model, particularly in the context of structured security testing. You are invited to be a participant with your knowledge, experience, expertise, and personal assessments of the incorporation of security measures throughout the development process using the waterfall model, without regard to your current employer or workplace and the practices used at those sites.
Criteria to be a Participant:
You can be a participant if you meet the following criteria:
• You must be currently employed by a Department of Defense (DoD) contractor
• You must have at least three years of experience with the waterfall software development model
• You must be involved in implementing cybersecurity practices throughout the software development lifecycle
• You must be in good standing at your workplace (not currently on disciplinary probation)
• You must be able to discuss your work without violating security clearance or confidentiality obligations
You may not participate if any of the following apply:
• You are currently on disciplinary probation
• Your work involves classified or sensitive projects that cannot be discussed, even in general terms
• You have a close personal or professional relationship with the researcher (e.g., work for the same company or are family members)
Interview Format and Time Commitment:
Should you choose to participate, you will be asked to complete a forty-five to sixty-minute interview conducted via an audio-only Zoom call. The interview will be recorded for transcription purposes. After the interview, you will be asked to review your transcript for accuracy. As a token of appreciation, you will receive a $100 Amazon gift card once both the interview and transcript review are completed. Participation is entirely voluntary, and you may withdraw from the study at any time without penalty. Your identity will remain confidential; your name and the name of your employer will not appear in the final report. Participants are encouraged to take the interview in a private space to help protect confidentiality.
Benefits of the Study:
The expected benefits of the study include gaining insights into the factors that influence the adoption and diffusion of cybersecurity principles within traditional waterfall development models. This research aims to identify key factors that influence the diffusion of structured security testing practices across the software development lifecycle, potentially reducing vulnerabilities, improving software resilience, and minimizing remediation costs. The findings may inform organizational policies and training programs to enhance secure software development practices in highly regulated environments, such as those involving DoD contractors. A copy of the approved summary of the study will be provided to the participants upon completion.
Important Note on Privacy:
Participants will not be asked to share the name of their employer or any details about specific projects. The study focuses solely on your personal experiences and perspectives regarding how cybersecurity principles—particularly structured security testing—are communicated, adopted, and applied within the waterfall development model.
How to Participate:
Please review the eligibility criteria to participate in this study. If interested in participating in the study, please contact me at msmith891@capellauniversity.edu or (217) 919-0484.
Thank you for taking the time to assist in this study.