A systematic review on security metric in secure software development lifecycle

2021 ◽  
pp. 331-336
Author(s):  
G.C. Sampada ◽  
T.I. Sake ◽  
Amrita
Keyword(s):  
Systematic Review ◽  
Software Development ◽  
Development Lifecycle ◽  
Secure Software ◽  
Software Development Lifecycle ◽  
Secure Software Development

scholarly journals Keamanan Sistem Perangkat Lunak dengan Secure Software Development Lifecycle

2021 ◽  
Vol 12 (1) ◽  
pp. 88-101
Author(s):  
Muhammad Rizky Hasan ◽  
Suhermanto Suhermanto ◽  
Suharmanto Suharmanto
Keyword(s):  
Life Cycle ◽  
Software Development ◽  
Development Lifecycle ◽  
Development Life Cycle ◽  
Secure Software ◽  
Software Development Lifecycle ◽  
Secure Software Development ◽  
Software Development Life Cycle

Saat ini, pengembangan perangkat lunak lebih kompleks daripada sebelumnya di mana keamanan menjadi salah satu yang paling krusial. Masalah keamanan menjadi bagian penting untuk developer perangkat lunak.Kebutuhan keamanan dalam pengembangan perangkat lunak menghasilkanpenciptaan yang disebut Secure Software Development Life Cycle (SSDLC). Paper ini menyoroti kerentanan perangkat lunak dan pendekatan untuk mengatasinya. Untuk itu akan dibahas beberapa tool keamanan seperti OWASP dan ISSAF. Tujuannya agar dapat mengetahui sejauh mana tool-tool tersebut meminimalkan kerentanan dalam pengembangan perangkat lunak.

Assimilating and Optimizing Software Assurance in the SDLC

2012 ◽  
pp. 16-34
Author(s):  
Aderemi O. Adeniji ◽  
Seok-Won Lee
Keyword(s):  
Software Development ◽  
Development Lifecycle ◽  
Secure Software ◽  
Software Development Lifecycle ◽  
Software Processes ◽  
Software Lifecycle ◽  
Software Assurance

Software Assurance is the planned and systematic set of activities that ensures software processes and products conform to requirements while standards and procedures in a manner that builds trusted systems and secure software. While absolute security may not yet be possible, procedures and practices exist to promote assurance in the software lifecycle. In this paper, the authors present a framework and step-wise approach towards achieving and optimizing assurance by infusing security knowledge, techniques, and methodologies into each phase of the Software Development Lifecycle (SDLC).

scholarly journals A Secure Software Specification Development Strategy for Enterprises : A Case Study Approach

2021 ◽  
pp. 260-266
Author(s):  
Sifat Ali Sathio ◽  
Isma Farah Siddiqui ◽  
Qasim Ali Arain
Keyword(s):  
Software Development ◽  
Web Application ◽  
Assessment Model ◽  
Case Study Approach ◽  
Software Specification ◽  
Study Approach ◽  
Development Lifecycle ◽  
Secure Software ◽  
Software Development Lifecycle

Although Security is a non-functional requirement, it is a very essential requirement for software systems, to achieve secure software specification development for enterprises we need to find and fix vulnerabilities in the early phase of SDLC. For the successful achievement of secure software specification development in the software enterprise, the security of software application plays a very vital role. During the software development lifecycle, improper security can lead to thoughtful and serious consequences in any enterprise. In this paper, the case study approach is followed regarding the achievement of a secure web application, finding and fixing vulnerabilities in the early software development lifecycle, and applying the re-engineering process on a developed web application using the best security assessment model considering the literature review. Also, validation of the developed application is done with the help of Penetration testing.

scholarly journals Software Development Initiatives to Identify and Mitigate Security Threats - Two Systematic Mapping Studies

2016 ◽  
Author(s):  
Paulina Silva ◽  
René Noël ◽  
Santiago Matalonga ◽  
Hernán Astudillo ◽  
Diego Gatica ◽  
...  
Keyword(s):  
Software Development ◽  
Software Security ◽  
The Other ◽  
Software Systems ◽  
Security Threats ◽  
Controlled Experiments ◽  
Systematic Mapping ◽  
Development Lifecycle ◽  
Secure Software ◽  
Software Development Lifecycle

Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of its application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated to at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of its results through controlled experiments, some of the other selected studies presented case studies or proposals.

A Survey on Secure Software Development Lifecycles

2014 ◽  
pp. 17-33
Author(s):  
José Fonseca ◽  
Marco Vieira
Keyword(s):  
Software Development ◽  
Software Security ◽  
Software Products ◽  
Development Lifecycle ◽  
Software Product ◽  
Secure Software ◽  
Secure Software Development ◽  
Software Development Practices ◽  
Complete Solutions ◽  
The Web

This chapter presents a survey on the most relevant software development practices that are used nowadays to build software products for the web, with security built in. It starts by presenting three of the most relevant Secure Software Development Lifecycles, which are complete solutions that can be adopted by development companies: the CLASP, the Microsoft Secure Development Lifecycle, and the Software Security Touchpoints. However it is not always feasible to change ongoing projects or replace the methodology in place. So, this chapter also discusses other relevant initiatives that can be integrated into existing development practices, which can be used to build and maintain safer software products: the OpenSAMM, the BSIMM, the SAFECode, and the Securosis. The main features of these security development proposals are also compared according to their highlights and the goals of the target software product.

Sign in / Sign up

Export Citation Format

Share Document