Related papers: An Integrity-Focused Threat Model for Software Dev…
Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software…
In recent years, technology has advanced considerably with the introduction of many systems including advanced robotics, big data analytics, cloud computing, machine learning and many more. The opportunities to exploit the yet to come…
ICS environments are vital to the operation of critical infrastructure such as power grids, water treatment facilities, and manufacturing plants. However, these systems are vulnerable to cyber attacks due to their reliance on interconnected…
Threat modelling is foundational to secure systems engineering and should be done in consideration of the context within which systems operate. On the other hand, the continuous evolution of both the technical sophistication of threats and…
Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of…
Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security…
Driven by the need to coordinate activities of multiple agile development teams cooperating to produce a large software product, software-intensive organizations are turning to scaling agile software development frameworks. Despite the…
Technological advances have enabled multiple countries to consider implementing Smart City Infrastructure to provide in-depth insights into different data points and enhance the lives of citizens. Unfortunately, these new technological…
Software architecture has been a key research area in the software engineering community due to its significant role in creating high quality software. The trend of developing product lines rather than single products has made the software…
Traceability systems have become prevalent in supply chains because of the rapid development of RFID and IoT technologies. These systems facilitate product recall and mitigate problems such as counterfeiting, tampering, and theft by…
Integrating security into agile software development is an open issue for research and practice. Especially in strongly regulated industries, complexity increases not only when scaling agile practices but also when aiming for compliance…
In this research paper of secure software systems, authors have discussed what the proper development process is when it comes to creating a secure software, which will be suited for developers and relevent stakeholders alike. Secure…
In our digital world, access to personal and public data has become an item of concern, with challenging security and privacy aspects. Modern information systems are heterogeneous in nature and have an inherent security vulnerability, which…
Software has the potential to be a key driver in fostering sustainability. Despite this potential, it is not clear if and how the software industry integrates consideration of sustainability into its common software development processes.…
Companies are misled into thinking they solve their security issues by using a DevSecOps system. This paper aims to answer the question: Could a DevOps pipeline be misused to transform a securely developed application into an insecure one?…
The software supply chain comprises a highly complex set of operations, processes, tools, institutions and human factors involved in creating a piece of software. A number of high-profile attacks that exploit a weakness in this complex…
In the recent past, software product line engineering has become one of the most promising practices in software industry with the potential to substantially increase the software development productivity. Software product line engineering…
Traditional cybersecurity methodologies target deterministic systems and fail to address the probabilistic nature of AI, leaving systems vulnerable to attack vectors such as model inversion, data poisoning, and prompt injection. Recent…
As hardware components are becoming cheaper and powerful day by day, the expected services from modern software are increasing like any thing. Developing such software has become extremely challenging. Not only the complexity, but also the…
The rise of large-scale quantum computing poses a significant threat to traditional cryptographic security measures. Quantum attacks undermine current asymmetric cryptographic algorithms, rendering them ineffective. Even symmetric key…