Abstract
Security is a significant concern in software development. Risks and errors should be reduced and as much as possible eliminated. Especially with how the computer and internet provide numerous technological benefits and are being optimally utilized in the present times, users have high expectations when it comes to secure software products. The development cycle in software design is comprised of a systematic process wherein security risk assessment should be integrated into each phase. In order to ensure quality software with a high level of security, the best practices in risk management should be implemented from the beginning and should be performed throughout the process. While developing highly secure software is a complex task, therefore, it must involve more dedicated security activities that are usually ignored in traditional SDLC. In this paper, the nature and phases of secure software development will be discussed as well as the security risk assessment models and practices involved in it. This will provide software developers, programmers, or engineers the awareness on secure software development cycle which will allow them to plan efficient strategies and enhance their performance, thus, resulting in quality and reliable output. In addition, we present a qualitative study looking at real-life practice employed towards software security risk. We reflect on how well current risk practices follow best practice, identify pitfalls, and explore why these occur & mitigate.
Publisher
Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP
Subject
Management of Technology and Innovation,General Engineering
Cited by
10 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献