%AShahriar, Hossain%AQian, Kai%ALo, Dan%AWu, Fan%ARahman, Mohammad%AAhamed, Sheikh%AAgu, Emmanuel%D2019%I %K %MOSTI ID: 10156135 %PMedium: X %TPlugin-based Intervention for Secure Software Development %XThis Innovative Practice Work in Progress presents a plugin tool named DroidPatrol. It can be integrated with the Android Studio to perform tainted data flow analysis of mobile applications. Most vulnerabilities should be addressed and fixed during the development phase. Computer users, managers, and developers agree that we need software and systems that are “more secure”. Such efforts require support from both the educational institutions and learning communities to improve software assurance, particularly in writing secure code. Many open source static analysis tools help developers to maintain and clean up the code. However, they are not able to find potential security bugs. Our work is aimed to checking of security issues within Android applications during implementation. We provide an example hands-on lab based on DroidPatrol prototype and share the initial evaluation feedback from a classroom. The initial results show that the plugin based hands-on lab generates interests among learners and has the promise of acting as an intervention tool for secure software development. Country unknown/Code not availableOSTI-MSA