Systematic Mapping Study on Security Approaches in Secure Software Engineering
Abstract
In the modern digital era, software systems are extensively adapted and have become an integral component of human society. Such wide use of software systems consists of large and more critical data that inevitably needs to be secured. It is imperative to make sure that these software systems not only satisfy the users' needs or functional requirements, but it is equally important to make sure the security of these software systems. However, recent research shows that many software development methods do not explicitly include software security measures during software development as they move from demand engineering to their final losses. Integrating software security at each stage of the software development life cycle (SDLC) has become an urgent need. Tackling software security, various methods, techniques, and models have been suggested and developed, however, only a few of them provide strong evidence for building secure software applications. The main purpose of this research is to study security measures in the context of the development of secure software (SSD) during the study of systematic mapping (SMS). Based on the inclusion and exclusion criteria, 116 studies were selected. After the data extraction from the selected 116 papers, these were classified based on the quality assessment, software security method, SDLC phases, publication venue, and SWOT analysis. The results indicate that this domain is still immature and sufficient research work needs to be carried out particularly on empirically evaluated solutions.
Collections
- Accounting & Information Systems [520 items ]
Related items
Showing items related by title, author, creator and subject.
-
Systematic Literature Review on Security Risks and its Practices in Secure Software Development
Khan, Rafiq Ahmad; Khan, Siffat Ullah; Khan, Habib Ullah; Ilyas, Muhammad ( IEEE , 2022 , Article)Security is one of the most critical aspects of software quality. Software security refers to the process of creating and developing software that assures the integrity, confidentiality, and availability of its code, data, ... -
Software-defined networking security: Pros and cons
Dabbagh, Mehiar; Hamdaoui, Bechir; Guizani, Mohsen; Rayes, Ammar ( Institute of Electrical and Electronics Engineers Inc. , 2015 , Article)Software-defined networking (SDN) is a new networking paradigm that decouples the forwarding and control planes, traditionally coupled with one another, while adopting a logically centralized architecture aiming to increase ... -
Security-oriented service composition and evolution
Khan, K.M.; Kowalczyk, R.; Jun, Han ( IEEE , 2006 , Conference Paper)This paper introduces a framework for security-oriented software service composition and evolution. Key building blocks of the framework are a semantic model for specifying the security objectives and properties at the ...