scholarly journals An Approach to basic GUI-enabled CI/CD pipeline with Static Analysis tool

2021 ◽  
Vol 23 (06) ◽  
pp. 683-693
Author(s):  
Kiran Kumar H K ◽  
◽  
K Subrahmanya ◽  
Kavana R ◽  
Shwetha Baliga ◽  
...  
Keyword(s):  
Static Analysis ◽  
Best Practice ◽  
Analysis Tool ◽  
Basic Approach ◽  
Development Life Cycle ◽  
Secure Software ◽  
Secure Software Development ◽  
Software Development Life Cycle ◽  
Static Analysis Tool

Automation in the software delivery process is considered best practice in secure Software development life cycle(SDLC) and DevOps Deployment of software occurs multiple times in a week, day or within a span of few minutes. Manual deployment of the code and database which comprises the desired software is not only tedious but also prone to errors. The Continuous Integration and Continuous Deployment (CI/CD) pipeline ensure that the software delivery is done in an efficient and reliable way so that the software is available for use at any instant of time. In this paper, we discuss a basic approach towards the development of a customized CI/CD pipeline with static analysis tool (SAT) integration providing greater reliability to our architecture. SAT is one of the major components of SDLC which checks the codebase for static errors that helps in identifying potential bugs and vulnerabilities. This approach is vital for smaller teams in industries having less bandwidth or in long-term academic projects. We discuss the development of a customized CI/CD pipeline in detail. Finally, a ReactJS based GUI is designed to obtain the pipeline status and SAT results.

scholarly journals Keamanan Sistem Perangkat Lunak dengan Secure Software Development Lifecycle

2021 ◽  
Vol 12 (1) ◽  
pp. 88-101
Author(s):  
Muhammad Rizky Hasan ◽  
Suhermanto Suhermanto ◽  
Suharmanto Suharmanto
Keyword(s):  
Life Cycle ◽  
Software Development ◽  
Development Lifecycle ◽  
Development Life Cycle ◽  
Secure Software ◽  
Software Development Lifecycle ◽  
Secure Software Development ◽  
Software Development Life Cycle

Saat ini, pengembangan perangkat lunak lebih kompleks daripada sebelumnya di mana keamanan menjadi salah satu yang paling krusial. Masalah keamanan menjadi bagian penting untuk developer perangkat lunak.Kebutuhan keamanan dalam pengembangan perangkat lunak menghasilkanpenciptaan yang disebut Secure Software Development Life Cycle (SSDLC). Paper ini menyoroti kerentanan perangkat lunak dan pendekatan untuk mengatasinya. Untuk itu akan dibahas beberapa tool keamanan seperti OWASP dan ISSAF. Tujuannya agar dapat mengetahui sejauh mana tool-tool tersebut meminimalkan kerentanan dalam pengembangan perangkat lunak.

scholarly journals A Survey on Design Methods for Secure Software Development

2017 ◽  
Vol 16 (7) ◽  
pp. 7047-7064 ◽  
Author(s):  
Ola M.Surakhi ◽  
Amjad Hudaib ◽  
Mohammad AlShraideh ◽  
Mohammad Khanafseh
Keyword(s):  
Life Cycle ◽  
Software Development ◽  
Specification Languages ◽  
Software Developer ◽  
Advantages And Disadvantages ◽  
Development Life Cycle ◽  
Secure Software ◽  
Secure Software Development ◽  
Software Development Life Cycle ◽  
Paper List

Software provide services that may come with some vulnerabilities or risks. Attackers perform actions that break security of system through threats and cause a failure. To avoid security vulnerability, there are many security-specific concepts that should be determined as requirements during software development life cycle in order to deliver a strong and secure software. This paper first, survey a number of existing processes, life cycle and methodologies needed for developing secure software based on the related published works. It starts by presenting the most relevant Secure Software Development Lifecycles, a comparison between the main security features for each process is proposed. The results of the comparison will give the software developer with a guideline which will help on selecting the best secure process. Second, the paper list a set of the most widely used specification languages with the advantages and disadvantages for each.

scholarly journals PENETAPAN KONTROL KEAMANAN SISTEM TERPADU UNPAS (SITU) BERDASARKAN KONSEP SECURE SOFTWARE DEVELOPMENT LIFE DAN HASIL UJI PENETRASI

INFOMATEK ◽  
2019 ◽  
Vol 21 (2) ◽  
pp. 97-102
Keyword(s):  
Life Cycle ◽  
Software Development ◽  
Development Life Cycle ◽  
Secure Software ◽  
Secure Software Development ◽  
Software Development Life Cycle

Pemanfaatan teknologi dapat memunculkan usaha mendapatkan keuntungan yang dapat merugikan perorangan ataupun organisasi, fenomena ini juga terjadi pada Sistem Informasi Terpadu UNPAS (SITU), dimana sistem mengalami serangan yang menyebabkan kerugian layanan secara keseluruhan menjadi terganggu, sehingga dibutuhkan sebuah kontrol keamanan yang dapat menunjang kelancaran dari sistem berjalan. Proses penetapan kontrol keamanan yang dibuat mengacu pada konsep Secure Software Development Life Cycle (SSDLC), yang diawali dengan proses analisi hasil uji penetrasi, pemetaan tingkat keamanan berdasarkan konsep management risiko dan dikaitkan dengan kondisi lingkungan sistem, dan yang menjadi parameter penentu kontrol keamanan adalah ancaman dan keandalan dari sistem berjalan berdasarkan hasil dari uji penetrasi pada penelitian sebelumnnya “Penentuan Performansi Sistem Informasi Terpadu Unpas (SITU) melalui Uji Penetrasi.

Sign in / Sign up

Export Citation Format

Share Document