A Review Paper: Security Requirement Patterns for a Secure Software Development

Yahya, Syazwani; Kamalrudin, Massila; Sidek, Safiah; Jaimun, Munaliza; Yusof, Junaidah; Hua, Ang Kean; Gani, Paran

doi:10.1109/aidas47888.2019.8971014

Cited by 2 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this stage, it is important to monitor responses to flaws and vulnerabilities of the system to check for newly evolved security threats. "After identifying new security risks, the same should be included in the requirement stage for further security improvements in subsequent releases" [67,103]. "Static analysis and peer review are two useful procedures for mitigating or minimizing newly discovered vulnerabilities" [14].…”

Section: Discussionmentioning

confidence: 99%

“…"After the software is deployed into its operational environment, it is important to monitor responses to flaws and vulnerabilities of the system to check for new evolved security patterns" [67,103]. "After identifying new security patterns, the same should bed included in the requirement stage for further security improvements in subsequent releases" [67,103]. "Static analysis and peer review are two useful procedures for mitigating or minimizing newly discovered vulnerabilities" [14].…”

Section: ) Best Practices For Deploying Secure Softwarementioning

confidence: 99%

See 1 more Smart Citation

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Khan

et al. 2022

IEEE Access

View full text Add to dashboard Cite

Security is one of the most critical aspects of software quality. Software security refers to the process of creating and developing software that assures the integrity, confidentiality, and availability of its code, data, and services. Software development organizations treat security as an afterthought issue, and as a result, they continue to face security threats. Incorporating security at any level of the Software Development Life Cycle (SDLC) has become an urgent requirement. Several methodologies, strategies, and models have been proposed and developed to address software security, but only a few of them give reliable evidence for creating secure software applications. Software security issues, on the other hand, have not been adequately addressed, and integrating security procedures into the SDLC remains a challenge. The major purpose of this paper is to learn about software security risks and practices so that secure software development methods can be better designed. A systematic literature review (SLR) was performed to classify important studies to achieve this goal. Based on the inclusion, exclusion, and quality assessment criteria, a total of 121 studies were chosen. This study identified 154 security risks and 424 best practices that help software development organizations to manage the security in each phase of the SDLC. To pursue secure SDLC, this study prescribed different security activities, which should be followed in each phase of the SDLC. Successful integration of these activities minimizing effort, time, and budget while delivering secure software applications. The findings of this study assist software development organizations in improving the security level of their software products and also enhancing their security efficiency. This will raise the developer's awareness of secure development practices as well.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: ) Best Practices For Deploying Secure Softwarementioning

confidence: 99%

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Khan

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The current literature on requirement security has yielded different security risks that might occur if security is not incorporated from the beginning [157]. For instance, some security risks inherent in the requirement phase of SDLC are discussed in [10], [83], [112], [150], [158], [159]. In addition, design flaws have been noted to be one of the most common sources of security threats [160] in software systems [75], [161].…”

Section: The Rising Need For Software Quality and Securitymentioning

confidence: 99%

“…As discussed in [99] and [158], after the software is deployed into its operational environment, it is critical to monitor responses to flaws and vulnerabilities of the system to check for new evolved security patterns. After the identification of new security patterns, the same should be included in the requirement stage for further security improvements in subsequent releases.…”

Section: Approaches To Software Quality and Securitymentioning

confidence: 99%

“…As such, there is need to monitor responses to flaws and vulnerabilities of the system so as to discover newly evolved security threats. After identifying these new security risks, they should be included in the requirement stage for further security improvements in subsequent releases [99], [158]. In this regard, static analysis and peer review are two useful procedures for mitigating or minimizing newly discovered vulnerabilities [29].…”

Section: Research Gaps and Future Research Directionsmentioning

confidence: 99%

See 1 more Smart Citation

An investigation into software quality and security: Past research works and existing gaps

Korir¹

2023

Global J. Eng. Technol. Adv.

View full text Add to dashboard Cite

Software security is concerned with the protection of data, facilities and applications from harm that may be occasioned by malware attacks such as password sniffing, viruses and hijacking. It is a system-wide concept that takes into account both security mechanisms such as access control as well as the design for security, such as a robust design that renders software attack complicated. It may encompass building of secure software, which comprises of the designing of software to be attack-resistant, ensuring that software is error-free, and educating software developers, architects, and users about the building of secure artifacts. In this regard, insecure software negatively affects organization’s reputations with customers, partners, and investors. The goal of this paper is to investigate some of the issues that make the software insecure, as well as the approaches that have been developed to boost software quality and security. The outcomes indicate that various models, techniques, frameworks and approaches to software quality have been developed over the recent past. However, only a few of them give reliable evidence for creating secure software applications.

show abstract

A Review Paper: Security Requirement Patterns for a Secure Software Development

Cited by 2 publications

References 17 publications

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

Systematic Literature Review on Security Risks and its Practices in Secure Software Development

An investigation into software quality and security: Past research works and existing gaps

Contact Info

Product

Resources

About