Secure Global Software Development: A Practitioners’ Perspective-Reference-Cited by-同舟云学术

Secure Global Software Development: A Practitioners’ Perspective

Published:2023-02-14 Issue:4 Volume:13 Page:2465
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Humayun Mamoona¹^ORCID,Niazi Mahmood²³^ORCID,Assiri Mohammed⁴⁵^ORCID,Haoues Mariem⁵

Affiliation:

1. Department of Information Systems, College of Computer and Information Sciences, Jouf University, Sakaka 72388, Saudi Arabia

2. Department of Information and Computer Science, King Fahd University of Petroleum and Minerals, Dhahran 31261, Saudi Arabia

3. Interdisciplinary Research Centre for Intelligent Secure Systems, King Fahd University of Petroleum and Minerals, Dhahran 31261, Saudi Arabia

4. Department of Computer Science, College of Sciences and Humanities-Aflaj, Prince Sattam bin Abdulaziz University, Al-Kharjj 16278, Saudi Arabia

5. Department of Software Engineering, College of Computer Engineering and Sciences, Prince Sattam bin Abdulaziz University, Al-Kharj 16278, Saudi Arabia

Abstract

Global software development (GSD) is rapidly becoming standard practice in the software industry due to its many potential benefits. However, one of the biggest challenges in GSD projects is to explicitly include security in the different phases of the global software development life cycle (GSDLC). To make GSD projects secure and successful, it is necessary to identify secure software development (SSD) practices vital to GSD project success. This article aims to identify SSD practices critical for GSD projects. To do this, we selected 36 security practices vital to the security of non-GSD projects from existing scientific and grey literature on software security. From the identified security practices, we shortlisted the security practices which are critical for GSD projects based on practitioners’ opinions using an online survey. Fifty-four GSD practitioners participated in this survey. Participants who evaluated these practices were asked to score each SSD practice on a four-point scale to indicate its relevance to GSD projects. The results obtained from the survey uncovered critical SSD practices that are primarily applicable to GSD projects. Our findings reveal variations of opinion among GSD practitioners with varying experience and company size regarding the importance of selected security practices for GSD. According to study findings, 16/36 practices are critical for GSD projects. These identified security practices belong to various phases of GSDLC.

Funder

Prince Sattam bin Abdulaziz University

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/4/2465/pdf

Reference45 articles.

1. Global software development governance: Challenges and solutions;Manjavacas;J. Softw. Evol. Process,2020

2. On the risks and safeguards for requirements engineering in global software development: Systematic literature review and quantitative assessment;Nicolas;IEEE Access,2018

3. Exploring the relationship between GSD, knowledge management, trust and collaboration;Humayun;J. Eng. Sci. Technol.,2019

4. Success factors during requirements implementation in global software development: A systematic literature review;Yaseen;Int. J. Comput. Sci. Softw. Eng.,2019

5. Gupta, R.K., Venkatachalapathy, M., and Jeberla, F.K. (2019, January 25–26). Challenges in adopting continuous delivery and DevOps in a globally distributed product team: A case study of a healthcare organization. Proceedings of the 2019 ACM/IEEE 14th International Conference on Global Software Engineering (ICGSE), Montreal, QC, Canada.

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Secure software design evaluation and decision making model for ubiquitous computing: A two-stage ANN-Fuzzy AHP approach;Computers in Human Behavior;2024-04

2. Analysis of Strategies for the Integration of Security Practices in Agile Software Development: A Sustainable SME Approach;IEEE Access;2024

3. A Comprehensive Analysis of Trust, Privacy, and Security Measures in the Digital Age;2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA);2023-11-01

4. Security Requirements Assurance: An Assurance Case Perspective;2023 IEEE 8th International Conference On Software Engineering and Computer Systems (ICSECS);2023-08-25

5. A Hybrid Approach Using Survey and Ism Analysis for Security Coding Risks and Best Practices for Gsd Enterprises;2023