Securing Software Systems - A Survey

Author(s):  
Yong Weixiong ◽  
Kohei Dozono ◽  
Robin Lee ◽  
Alvin Kon Soon Seng ◽  
Fatima tuz Zahra

This paper aims to discuss the standard guidelines of the development process of secure software and will give justification on different types and ways of the software development processes. Additionally, a survey is conducted, the aim of which is to observe user behavior towards software system usage, user attitude in terms of privacy and policy awareness, security and privacy concerns. This is followed by discussion on how to secure software systems in the development stage.


2020



Development of complex and quality software necessitates the use of a development model, so that the development process is efficient, reliable and faster. Software development life cycle (SDLC) is a well-defined and well-organized process used to plan, develop, deploy and maintain high quality software systems. DevOps is one recent addition to SDLC that ensures that the development and operations teams collaborate to accelerate the deployment and delivery of higher quality software products. This paper sheds light on how development processes are accelerated using DevOps tactics like continuous integration and deployment (CI/CD) pipelines. However, there are several factors that prevent organizations from using these approaches. Discovering the evolution of DevOps and its continuous practices gives a thorough understanding of the importance of the DevOps culture. Manual deployment and testing increase the feedback time of a commit operation. The paper discusses various tools available in the DevOps community that can be used to automate various stages of the continuous integration and deployment pipeline, so that the feedback time is reduced.



2021 ◽  
Vol 2 (1) ◽  
pp. 1-37
Author(s):  
Nada Alhirabi ◽  
Omer Rana ◽  
Charith Perera

The design and development process for internet of things (IoT) applications is more complicated than that for desktop, mobile, or web applications. First, IoT applications require both software and hardware to work together across many different types of nodes with different capabilities under different conditions. Second, IoT application development involves different types of software engineers such as desktop, web, embedded, and mobile to work together. Furthermore, non-software engineering personnel such as business analysts are also involved in the design process. In addition to the complexity of having multiple software engineering specialists cooperating to merge different hardware and software components together, the development process requires different software and hardware stacks to be integrated together (e.g., different stacks from different companies such as Microsoft Azure and IBM Bluemix). Due to the above complexities, non-functional requirements (such as security and privacy, which are highly important in the context of the IoT) tend to be ignored or treated as though they are less important in the IoT application development process. This article reviews techniques, methods, and tools to support security and privacy requirements in existing non-IoT application designs, enabling their use and integration into IoT applications. This article primarily focuses on design notations, models, and languages that facilitate capturing non-functional requirements (i.e., security and privacy). Our goal is not only to analyse, compare, and consolidate the empirical research but also to appreciate their findings and discuss their applicability for the IoT.



10.28945/2957 ◽  
2006 ◽  
Author(s):  
Adesina Simon Sodiya ◽  
Sadia Adebukola Onashoga ◽  
Olutayo Bamidele Ajayi

Software security breaches are now extremely common and a larger percentage is caused by software design defects. Since individuals and organizations now completely depend on software systems for their day-to-day operations, it is important to produce secure software products. This paper discusses the problems of producing secure software products and provides a model for improving software security. The model, the Secure Software Development Model (SSDM), is a unified model that integrates security engineering with software engineering so as to ensure effective production of secure software products. A supporting structure in the form of laws is also presented to guide developers throughout the development process. We then present our experience that validates the model.



Author(s):  
J. Vannieuwenhuyze

Abstract. There is an ever-growing trend to pursue policies based on evidence-based and data-driven program evaluation research. In order to facilitate such evaluation research, electronic dashboards are increasingly used for translating sources of big and unstructured data into low-level summary visualizations understandable by layman policy-makers. In this paper, we report on the dashboard development process for an input-evaluation of new garden streets in the city of Antwerp. During this process, different lessons were learned. First, developers should start from a clearly defined policy question and analysis units in order to optimize the development process. Second, different types of key performance indicators exist, which should also be well-defined in advance so that appropriate data can be collected. Third, a dashboard should not be restricted to purely objective data-analyses but may also include features that facilitate subjective evaluation guided by assumptions and beliefs of the dashboard-user. These lessons helped us to make the dashboard requirements of Antwerp more concrete. Likewise, they may help other policy supporting dashboard developers to optimize their development processes.



2019 ◽  
Vol 63 (1) ◽  
pp. 25-37
Author(s):  
Lidia Mierzejewska ◽  
Jerzy Parysek

Abstract. The complexity of the reality studied by geographical research requires applying such methods which allow describing the state of affairs and ongoing changes in the best possible way. This study aims to present a model of research on selected aspects of the dynamics and structure of socio-economic development. The idea was to determine whether we deal with the process of reducing or widening the differences in terms of individual features. The article primarily pursues a methodological goal, and to a lesser extent an empirical one. The methodological objective of the paper was to propose and verify a multi-aspect approach to the study of development processes. The analyses carried out reveal that in terms of the features taken into account in the set of 24 of the largest Polish cities the dominating processes are those increasing differences between cities, which are unfavourable in the context of the adopted development policies aiming at reducing the existing disparities. In relation to the methodological objective, the results of the conducted research confirm the rationale of the application of the measures of dynamics and the feature variance to determine the character (dynamics and structure) of the socio-economic development process of cities. Comparatively less effective, especially for interpretation, is the application of principal component analysis and a multivariate classification, which is mainly the result of differences in the variance of particular features.



i-com ◽  
2019 ◽  
Vol 18 (3) ◽  
pp. 197-216 ◽  
Author(s):  
Verena Zimmermann ◽  
Paul Gerber ◽  
Karola Marky ◽  
Leon Böck ◽  
Florian Kirchbuchner

Abstract. Smart Home technologies have the potential to increase the quality of life, home security and facilitate elderly care. Therefore, they require access to a plethora of data about the users’ homes and private lives. Resulting security and privacy concerns form a relevant barrier to adopting this promising technology. Aiming to support end users’ informed decision-making through addressing the concerns we first conducted semi-structured interviews with 42 potential and little-experienced Smart Home users. Their diverse concerns were clustered into four themes that center around attacks on Smart Home data and devices, the perceived loss of control, the trade-off between functionality and security, and user-centric concerns as compared to concerns on a societal level. Second, we discuss measures to address the four themes from an interdisciplinary perspective. The paper concludes with recommendations for addressing user concerns and for supporting developers in designing user-centered Smart Home technologies.



2021 ◽  
Vol 13 (1) ◽  
Author(s):  
Martijn van den Hurk ◽  
Peter Pelzer ◽  
Rianne Riemens

Abstract. Background: Merwede is an envisioned neighbourhood in Utrecht (the Netherlands) that provides an instructive case to learn about the governance challenges of digital mobility platforms. Unique about Merwede is how the development of a mobility platform is envisioned to be integrated into the development of a new neighbourhood. Methodology: This article discusses the case of Merwede and provides insights into its proposed mobility platform and how it is made. It illuminates governance challenges relevant to the design and operation of an unconventional mobility concept by disentangling outstanding practical issues concerning three key governance dimensions: organizational structures, decision-making processes, and instruments. Results: The research provides an empirical illustration of governance questions that come up when mobility becomes a service and is integrated into the urban fabric from the very beginning of a development process. Already in the plan development stage, Merwede illustrates that difficult decisions are to be made and competing interests come to the fore.



2020 ◽  
Vol 136 (3) ◽  
pp. 789-832
Author(s):  
Carsten Sinner ◽  
Constanza Gerding Salas

Abstract. Lexical innovation is a continuous creative phenomenon which evinces language vitality. In today’s Spanish, borrowing words from other languages is a fruitful innovation mechanism. In Chilean Spanish, a significant portion of lexical neology comes from English loanwords, a fact that may be attributed in part to the global, open-market model upon which the country bases its economy. In this context and because of its linguistic and cultural relevance, we established the development process of the English loanword berry/berries in Chilean Spanish. To this end, this paper presents an analysis of the sociohistorical background that gave rise to the introduction of this Anglicism in Chile. This mixed-methods research includes the analysis of texts, interviews, surveys and field study. A contrastive lexicographic description of berry and its equivalents in Spanish is provided, the role of different types of speakers (from experts to laypeople) is analyzed in relation to the incorporation of this neologism in Chilean Spanish, the occurrence of different existing denominations is examined, some neologicity indicators are analyzed, possible combinations of berry/berries with other elements are classified, and the evolution of this Anglicism in Chilean Spanish use is confirmed.



2005 ◽  
Vol 23 (1) ◽  
pp. 54-72 ◽  
Author(s):  
Eric Stevens ◽  
Sergios Dimitriadis

Purpose: Knowledge of the management issues for developing new bank offerings efficiently is limited. Furthermore, recent research suggests that organisational learning can contribute greatly to the success of innovation projects. The aims of this paper are to provide a detailed description of the development process of a new financial product and to identify learning actions that may contribute to its effectiveness. Design/methodology/approach: Reports findings from a qualitative, longitudinal case study of a well-known French bank. Findings: The results revealed an informal development process consisting of a sequence of issues to solve and decisions to make. Research limitations/implications: Though observations fit with the theoretical model, the findings cannot be generalized due to the use of a qualitative methodology. Thus, selecting a development project that brings variance to the scope and degree of innovativeness could enrich the observed learning mechanisms. Second, as services are very heterogeneous, further research should be done on the development processes of different new services, for example standardised versus customised. Third, mechanisms of adoption or avoidance of learning procedures remain to be explored extensively. Understanding the reasons of choice and adoption of learning strategies according to the environment and nature of the project could lead to further managerial recommendations. Practical implications: Implications for banks to encourage learning during innovation are discussed and several opportunities for further research are suggested. Originality/value: An informal development process is revealed, consisting of a sequence of issues to solve and decisions to make. Multiple learning actions and strategies are identified that enhance process effectiveness and efficiency.


