Adherence to Secure Software Development Lifecycle

Cited by: 0
Authors
Omar, Alaa' [1]
Alsadeh, Ahmad [2]
Nawahdah, Mamoun [3]
Affiliations
[1] Birzeit Univ, Software Engn, Almarj Str 1, Birzeit, Palestine
[2] Birzeit Univ, Elect & Comp Engn, Almarj Str 1, Birzeit, Palestine
[3] Birzeit Univ, Comp Sci, Almarj Str 1, Birzeit, Palestine
Keywords
Secure Software Development; Software Security Engineering; Software Security Principles;
DOI
10.5220/0011263700003266
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
Security in software development lifecycle (SDL) is a comprehensive development process for detecting, preventing security defects, and responding to the exploits. In this study, we investigate to what extent the software security principles are adopted in the Palestinian IT sector. Thus, we conducted an online self-administered questionnaire that targeted the Palestinian IT sector on a random sample of participants. The results revealed that most of the security practices are not fully applied by the surveyed enterprises. We found that the security background, company domain, budget, and timeline are influential factors that affect the adoption of security principles during the SDL. In addition, we found that software security is often neglected by most developers, although they are willing to comply with security principles when needed.
Pages: 410 - 417
Number of pages: 8