Log In Sign Up

Risk Assessment, Threat Modeling and Security Testing in SDLC

by   Alya Hannah Ahmad Kamal, et al.

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct stages, it may lead to many delays and inefficiency of the project process where this disorganization can directly affect the product quality and reliability. Moreover, with this methodology established as the standard for any project, there are bound to be missteps specifically in regard to the involvement of security due to the lack of awareness. Therefore, the aim of this research is to identify and elaborate the findings and understanding of the security integrated into the process of software development as well as the related individual roles in ensuring that this security is maintained. Through thorough analysis and review of literature, an effort has been made through this paper to showcase the correct processes and ways for securing the software development process. At the same time, certain issues that pertain to this subject have been discussed together with proposing appropriate solutions. Furthermore, in depth discussion is carried out regarding methods such as security testing, risk assessment, threat modeling and other techniques that are able to create a more secure environment and systematic approach in a software development process.


page 2

page 6

08/25/2021 Software Security Study

In recent years, the World Economic Forum has identified software securi...

STORE: Security Threat Oriented Requirements Engineering Methodology

As we are continuously depending on information technology applications ...

Semantic Similarity-Based Clustering of Findings From Security Testing Tools

Over the last years, software development in domains with high security ...

Design choices for productive, secure, data-intensive research at scale in the cloud

We present a policy and process framework for secure environments for pr...

An Integrity-Focused Threat Model for Software Development Pipelines

In recent years, there has been a growing concern with software integrit...

An Influence Diagram-Based Approach for Estimating Staff Training in Software Industry

The successful completion of a software development process depends on t...