Integration of Security Modules in Software Development Lifecycle Phases

12/10/2020
by   Isaac Chin Eian, et al.
0

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is required by many industrial IT security standards and policies. Despite current cyber protection measures and best practices, vulnerabilities still remain strong and become a huge threat to every developed software. It is crucial to understand the position of secure software development for security management, which is affected by causes such as human security-related factors. Although developers are often held accountable for security vulnerabilities, in reality, many problems often grow from a lack of organizational support during development tasks to handle security. While abstract safe coding guidelines are generally recognized, there are limited low-level secure coding guidelines for various programming languages. A good technique is required to standardize these guidelines for software developers. The goal of this paper is to address this gap by providing software designers and developers with direction by identifying a set of secure software development guidelines. Additionally, an overview of criteria for selection of safe coding guidelines is performed along with investigation of appropriate awareness methods for secure coding.

READ FULL TEXT
research
02/20/2021

Raising Secure Coding Awareness for Software Developers in the Industry

Many industrial IT security standards and policies mandate the usage of ...
research
06/05/2019

Inspection Guidelines to Identify Security Design Flaws

Recent trends in the software development practices (Agile, DevOps, CI) ...
research
05/24/2022

DASP: A Framework for Driving the Adoption of Software Security Practices

Implementing software security practices is a critical concern in modern...
research
11/23/2022

Guidelines for Developing Bots for GitHub

Projects on GitHub rely on the automation provided by software developme...
research
12/20/2020

Software, Attacker and Asset-centric Approach for Improving Security in System Development Process

Secure development process is a procedure taken by developers to ensure ...
research
11/04/2022

Better Call Saltzer & Schroeder: A Retrospective Security Analysis of SolarWinds & Log4j

Saltzer & Schroeder's principles aim to bring security to the design of ...

Please sign up or login with your details

Forgot password? Click here to reset