Secure software implies that the process used in its development includes activities to insert, monitor and ensure security from the early stages of the software process. This article proposes the Security Process Framework that aims to facilitate the task of creating secure processes through the reuse of process components developed from security patterns. The components are recovered and prioritized from a repository through multicriteria techniques that consider security requirements and characteristics related to the project context. Software process lines are used to organize the selected components and to assemble the secure software process. Furthermore, a tool called SPro System was developed to support the use of the framework. Case studies were used to verify the applicability of the proposal, which showed that the framework and SPro System) facilitated the tailoring and decreased the time spent in the definition of security processes.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.