A Survey on the Effectiveness of the Secure Software Development Life Cycle Models

Saat ini, pengembangan perangkat lunak lebih kompleks daripada sebelumnya di mana keamanan menjadi salah satu yang paling krusial. Masalah keamanan menjadi bagian penting untuk developer perangkat lunak.Kebutuhan keamanan dalam pengembangan perangkat lunak menghasilkanpenciptaan yang disebut Secure Software Development Life Cycle (SSDLC). Paper ini menyoroti kerentanan perangkat lunak dan pendekatan untuk mengatasinya. Untuk itu akan dibahas beberapa tool keamanan seperti OWASP dan ISSAF. Tujuannya agar dapat mengetahui sejauh mana tool-tool tersebut meminimalkan kerentanan dalam pengembangan perangkat lunak.

Get full-text (via PubEx)

A Survey on Design Methods for Secure Software Development

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v16i7.6467 ◽

2017 ◽

Vol 16 (7) ◽

pp. 7047-7064 ◽

Cited By ~ 2

Author(s):

Ola M.Surakhi ◽

Amjad Hudaib ◽

Mohammad AlShraideh ◽

Mohammad Khanafseh

Keyword(s):

Life Cycle ◽

Software Development ◽

Specification Languages ◽

Software Developer ◽

Advantages And Disadvantages ◽

Development Life Cycle ◽

Secure Software ◽

Secure Software Development ◽

Software Development Life Cycle ◽

Paper List

Software provide services that may come with some vulnerabilities or risks. Attackers perform actions that break security of system through threats and cause a failure. To avoid security vulnerability, there are many security-specific concepts that should be determined as requirements during software development life cycle in order to deliver a strong and secure software. This paper first, survey a number of existing processes, life cycle and methodologies needed for developing secure software based on the related published works. It starts by presenting the most relevant Secure Software Development Lifecycles, a comparison between the main security features for each process is proposed. The results of the comparison will give the software developer with a guideline which will help on selecting the best secure process. Second, the paper list a set of the most widely used specification languages with the advantages and disadvantages for each.

Get full-text (via PubEx)

PENETAPAN KONTROL KEAMANAN SISTEM TERPADU UNPAS (SITU) BERDASARKAN KONSEP SECURE SOFTWARE DEVELOPMENT LIFE DAN HASIL UJI PENETRASI

INFOMATEK ◽

10.23969/infomatek.v21i2.1982 ◽

2019 ◽

Vol 21 (2) ◽

pp. 97-102

Keyword(s):

Life Cycle ◽

Software Development ◽

Development Life Cycle ◽

Secure Software ◽

Secure Software Development ◽

Software Development Life Cycle

Pemanfaatan teknologi dapat memunculkan usaha mendapatkan keuntungan yang dapat merugikan perorangan ataupun organisasi, fenomena ini juga terjadi pada Sistem Informasi Terpadu UNPAS (SITU), dimana sistem mengalami serangan yang menyebabkan kerugian layanan secara keseluruhan menjadi terganggu, sehingga dibutuhkan sebuah kontrol keamanan yang dapat menunjang kelancaran dari sistem berjalan. Proses penetapan kontrol keamanan yang dibuat mengacu pada konsep Secure Software Development Life Cycle (SSDLC), yang diawali dengan proses analisi hasil uji penetrasi, pemetaan tingkat keamanan berdasarkan konsep management risiko dan dikaitkan dengan kondisi lingkungan sistem, dan yang menjadi parameter penentu kontrol keamanan adalah ancaman dan keandalan dari sistem berjalan berdasarkan hasil dari uji penetrasi pada penelitian sebelumnnya “Penentuan Performansi Sistem Informasi Terpadu Unpas (SITU) melalui Uji Penetrasi.

Get full-text (via PubEx)

A Study on the Secure Software Development Life Cycle for Common Criteria (CC) Certification

International Journal of Software Engineering and Its Applications ◽

10.14257/ijseia.2015.9.10.13 ◽

2015 ◽

Vol 9 (10) ◽

pp. 131-142

Author(s):

Min-gyu Lee ◽

Hyo-jung Sohn ◽

Baek-min Seong ◽

Jong-Bae Kim

Keyword(s):

Life Cycle ◽

Software Development ◽

Common Criteria ◽

Development Life Cycle ◽

Secure Software ◽

Secure Software Development ◽

Software Development Life Cycle

Get full-text (via PubEx)

System Analysis and Design Using Secure Software Development Life Cycle Based On ISO 31000 and STRIDE. Case Study Mutiara Ban Workshop

2019 Fourth International Conference on Informatics and Computing (ICIC) ◽

10.1109/icic47613.2019.8985938 ◽

2019 ◽

Cited By ~ 1

Author(s):

Lintang Yuniar Banowosari ◽

Bio Abidzar Gifari

Keyword(s):

Life Cycle ◽

Software Development ◽

System Analysis ◽

Analysis And Design ◽

Development Life Cycle ◽

Secure Software ◽

Iso 31000 ◽

Secure Software Development ◽

Software Development Life Cycle

Get full-text (via PubEx)

Evaluation of Engineering Approaches in the Secure Software Development Life Cycle

Engineering Secure Future Internet Services and Systems - Lecture Notes in Computer Science ◽

10.1007/978-3-319-07452-8_10 ◽

2014 ◽

pp. 234-265 ◽

Cited By ~ 2

Author(s):

Marianne Busch ◽

Nora Koch ◽

Martin Wirsing

Keyword(s):

Life Cycle ◽

Software Development ◽

Development Life Cycle ◽

Secure Software ◽

Secure Software Development ◽

Software Development Life Cycle

Get full-text (via PubEx)

A Systematic Review and Catalog of Security Metric during the Secure Software Development Life Cycle

Recent Advances in Electrical & Electronic Engineering (Formerly Recent Patents on Electrical & Electronic Engineering) ◽

10.2174/2352096513999201201121823 ◽

2020 ◽

Vol 13 ◽

Author(s):

Sampada G.C ◽

Tende Ivo Sake ◽

Amrita

Keyword(s):

Systematic Review ◽

Life Cycle ◽

Software Development ◽

Software Security ◽

Security Assessment ◽

Security Metrics ◽

Development Life Cycle ◽

Development Processes ◽

Secure Software Development ◽

Software Development Life Cycle

Background: With the advancement in the field of software development, software poses threats and risks to customers’ data and privacy. Most of these threats are persistent because security is mostly considered as a feature or a non-functional requirement, not taken into account during the software development life cycle (SDLC). Introduction: In order to evaluate the security performance of a software system, it is necessary to integrate the security metrics during the SDLC. The appropriate security metrics adopted for each phase of SDLC aids in defining the security goals and objectives of the software as well as quantify the security in the software. Methods: This paper presents systematic review and catalog of security metrics that can be adopted during the distinguishable phases of SDLC, security metrics for vulnerability and risk assessment reported in the literature for secure development of software. The practices of these metrics enable software security experts to improve the security characteristics of the software being developed. The critical analysis of security metrics of each phase and their comparison are also discussed. Results: Security metrics obtained during the development processes help to improve the confidentiality, integrity, and availability of software. Hence, it is imperative to consider security during the development of the software, which can be done with the use of software security metrics. Conclusion: This paper reviews the various security metrics that are meditated in the copious phases during the progression of the SDLC in order to provide researchers and practitioners with substantial knowledge for adaptation and further security assessment.

Get full-text (via PubEx)

Analysis of Software Development Life Cycle Models

Lecture Notes in Electrical Engineering - Proceeding of the Second International Conference on Microelectronics, Computing & Communication Systems (MCCS 2017) ◽

10.1007/978-981-10-8234-4_55 ◽

2018 ◽

pp. 689-699

Author(s):

Amninder Singh ◽

Puneet Jai Kaur

Keyword(s):

Life Cycle ◽

Software Development ◽

Development Life Cycle ◽

Software Development Life Cycle ◽

Life Cycle Models

Get full-text (via PubEx)