English
Related papers

Related papers: Software Security Mapping Framework: Operationaliz…

200 papers

The increasing frequency and sophistication of software supply chain attacks pose severe risks to critical infrastructure sectors, threatening national security, economic stability, and public safety. Despite growing awareness, existing…

Software Engineering · Computer Science 2025-10-31 Liming Dong , Sung Une Lee , Zhenchang Xing , Muhammad Ejaz Ahmed , Stefan Avgoustakis

[Background] The rapidly changing business environments in which many companies operate is challenging traditional Requirements Engineering (RE) approaches. This gave rise to agile approaches for RE. Security, at the same time, is an…

Software Engineering · Computer Science 2018-06-06 H. Villamizar , M. Kalinowski , M. Viana , D. Méndez Fernández

With the increasing adoption of Continuous Integration and Continuous Deployment pipelines, securing software supply chains has become a critical challenge for modern DevOps teams. This study addresses these challenges by applying a…

Software Engineering · Computer Science 2025-06-10 Sowmiya Dhandapani

Context: To effectively defend against ever-evolving cybersecurity threats, software systems should be made as secure as possible. To achieve this, software developers should understand potential vulnerabilities and apply secure coding…

Programming Languages · Computer Science 2024-07-11 Alina Torbunova , Adnan Ashraf , Ivan Porres

Software supply chain attacks have increased exponentially since 2020. The primary attack vectors for supply chain attacks are through: (1) software components; (2) the build infrastructure; and (3) humans (a.k.a software practitioners).…

Cryptography and Security · Computer Science 2025-09-11 Laurie Williams , Sammy Migues

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

Security engineering in the software lifecycle aims at protecting information and systems to guarantee confidentiality, integrity, and availability. As security engineering matures and the number of research papers grows, there is an…

Software Engineering · Computer Science 2018-01-23 Michael Felderer , Jeffrey C. Carver

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra

Context: Successfully addressing stakeholder concerns that are related to software system development and operation is crucial to achieving development goals. The importance of using a systematic approach to addressing these concerns…

Software Engineering · Computer Science 2023-02-14 Sandun Dasanayake , Jouni Markkula , Markku Oivo

Lack of security expertise among software practitioners is a problem with many implications. First, there is a deficit of security professionals to meet current needs. Additionally, even practitioners who do not plan to work in security may…

Software Engineering · Computer Science 2021-03-10 Sarah Elder , Nusrat Zahan , Val Kozarev , Rui Shu , Tim Menzies , Laurie Williams

Security must be considered in almost every software system. Unfortunately, selecting and implementing security features remains challenging due to the variety of security threats and possible countermeasures. While security standards are…

Implementing software security practices is a critical concern in modern software development. Industry practitioners, security tool providers, and researchers have provided standard security guidelines and sophisticated security…

Software Engineering · Computer Science 2022-05-26 Enrique Larios-Vargas , Omar Elazhary , Soroush Yousefi , Derek Lowlind , Michael L. W. Vliek , Margaret-Anne Storey

Software supply chain frameworks, such as the US NIST Secure Software Development Framework (SSDF), detail what tasks software development organizations are recommended or mandated to adopt to reduce security risk. However, to further…

Software Engineering · Computer Science 2025-07-24 Sivana Hamer , Jacob Bowen , Md Nazmul Haque , Robert Hines , Chris Madden , Laurie Williams

The rapid integration of Large Language Models (LLMs) across diverse sectors has marked a transformative era, showcasing remarkable capabilities in text generation and problem-solving tasks. However, this technological advancement is…

Cryptography and Security · Computer Science 2024-03-21 Rahul Pankajakshan , Sumitra Biswal , Yuvaraj Govindarajulu , Gilad Gressel

Software development projects management is a complex endeavor because it requires dealing with numerous unforeseen events that constantly arise along the way and that go against the expectations that had been established at the beginning.…

Software Engineering · Computer Science 2022-09-27 Fernando Pinciroli

The Proactive Software Supply Chain Risk Management Framework (P SSCRM) described in this document is designed to help you understand and plan a secure software supply chain risk management initiative. P SSCRM was created through a process…

Cryptography and Security · Computer Science 2025-05-16 Laurie Williams , Sammy Migues , Jamie Boote , Ben Hutchison

Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into…

Software Engineering · Computer Science 2025-09-26 Ishara Devendra , Chaman Wijesiriwardana , Prasad Wimalaratne

System-Theoretic Process Analysis (STPA) is a recommended method for analysing complex systems, capable of identifying thousands of safety requirements often missed by traditional techniques such as Failure Mode and Effects Analysis (FMEA)…

Software Engineering · Computer Science 2025-08-26 Shufeng Chen , Halima El Badaoui , Mariat James Elizebeth , Takuya Nakashima , Siddartha Khastgir , Paul Jennings

The delivery of a framework in place for secure application development is of real value for application development teams to integrate security into their development life cycle, especially when a mobile or web application moves past the…

Cryptography and Security · Computer Science 2020-07-07 Jinfeng Li
‹ Prev 1 2 3 10 Next ›