Related papers: SecuRe -- An Approach to Recommending Security Des…
Designing secure information infrastructure is a function of design and usability. However, security is seldom given priority when systems are being developed. Secure design practices should balance between functionality (i.e., proper…
Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…
Recommender systems are a valuable tool for software engineers. For example, they can provide developers with a ranked list of files likely to contain a bug, or multiple auto-complete suggestions for a given method stub. However, the way…
This paper proposes Architectural Pattern Recommender (APR) system which helps in such architecture selection process. Main contribution of this work is in replacing the manual effort required to identify and analyse relevant architectural…
The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the…
In the last decade, a lot of effort has been put into securing software application during development in the software industry. Software security is a research field in this area which looks at how security can be weaved into software at…
Context: Software architecture is a knowledge-intensive field. One mechanism for storing architecture knowledge is the recognition and description of architectural patterns. Selecting architectural patterns is a challenging task for…
The specification, design, and assurance of safety encompasses various concepts and best practices, subject of reuse in form of patterns. This work summarizes applied research on such concepts and practices with a focus on the last two…
In this research paper of secure software systems, authors have discussed what the proper development process is when it comes to creating a secure software, which will be suited for developers and relevent stakeholders alike. Secure…
Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if…
Software security is of utmost importance for most software systems. Developers must systematically select, plan, design, implement, and especially, maintain and evolve security features -- functionalities to mitigate attacks or protect…
Software needs to be secure, in particular, when deployed to critical infrastructures. Secure coding guidelines capture practices in industrial software engineering to ensure the security of code. This study aims to assess the level of…
Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software…
Software security requirements have been traditionally considered as a non-functional attribute of the software. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to…
This paper systematizes knowledge about secure software supply chain patterns. It identifies four stages of a software supply chain attack and proposes three security properties crucial for a secured supply chain: transparency, validity,…
Many industrial IT security standards and policies mandate the usage of a secure coding methodology in the software development process. This implies two different aspects: first, secure coding must be based on a set of secure coding…
Context: To effectively defend against ever-evolving cybersecurity threats, software systems should be made as secure as possible. To achieve this, software developers should understand potential vulnerabilities and apply secure coding…
Often, security is considered in an advanced stage of the implementation of a system, rather than integrating it into the system design. This leads to less secure systems, as the security mechanisms are only applied as an afterthought and…
Security engineering in the software lifecycle aims at protecting information and systems to guarantee confidentiality, integrity, and availability. As security engineering matures and the number of research papers grows, there is an…
Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security…