Show simple item record

AuthorKhan, Rafiq Ahmad
AuthorKhan, Siffat Ullah
AuthorKhan, Habib Ullah
AuthorIlyas, Muhammad
Available date2022-12-26T11:11:49Z
Publication Date2022-01-05
Publication NameIEEE Access
Identifierhttp://dx.doi.org/10.1109/ACCESS.2022.3140181
CitationKhan, R. A., Khan, S. U., Khan, H. U., & Ilyas, M. (2022). Systematic Literature Review on Security Risks and its Practices in Secure Software Development. IEEE Access.
ISSN2169-3536
URIhttps://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85122573397&origin=inward
URIhttp://hdl.handle.net/10576/37600
AbstractSecurity is one of the most critical aspects of software quality. Software security refers to the process of creating and developing software that assures the integrity, confidentiality, and availability of its code, data, and services. Software development organizations treat security as an afterthought issue, and as a result, they continue to face security threats. Incorporating security at any level of the Software Development Life Cycle (SDLC) has become an urgent requirement. Several methodologies, strategies, and models have been proposed and developed to address software security, but only a few of them give reliable evidence for creating secure software applications. Software security issues, on the other hand, have not been adequately addressed, and integrating security procedures into the SDLC remains a challenge. The major purpose of this paper is to learn about software security risks and practices so that secure software development methods can be better designed. A systematic literature review (SLR) was performed to classify important studies to achieve this goal. Based on the inclusion, exclusion, and quality assessment criteria, a total of 121 studies were chosen. This study identified 145 security risks and 424 best practices that help software development organizations to manage the security in each phase of the SDLC. To pursue secure SDLC, this study prescribed different security activities, which should be followed in each phase of the SDLC. Successful integration of these activities minimizing effort, time, and budget while delivering secure software applications. The findings of this study assist software development organizations in improving the security level of their software products and also enhancing their security efficiency. This will raise the developer's awareness of secure development practices as well.
Languageen
PublisherIEEE
SubjectSDLC
secure software development
secure software engineering
security risks and practices
Software security
systematic literature review
TitleSystematic Literature Review on Security Risks and its Practices in Secure Software Development
TypeArticle
Pagination5456-5481
Volume Number10
dc.accessType Open Access


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record