Publication | Closed Access
Security by Design in Software Engineering
Citations: 20
References: 3
Year: 2019
Software Maintenance, Engineering, Information Security, Software Engineering, Source Code Analysis, Software Analysis, Formal Verification, Hardware Security, Security Modelling, Automated Software Engineering, Continuous Security Inspection, Design, Secure By Design, Static Program Analysis, Software Design, Data Security, Security Testing Method, Software Security, Software Development, Program Analysis, Software Testing, Security
Security is a non-functional requirement that is difficult to handle during software development. However, it appears to be common in software engineering that security is addressed only during the design and test phases. If security is neglected during the implementation phase, flaws will be introduced. These may be found, if at all, during testing, where the cost to fix is higher than if they had been found during the implementation phase. Hence, this research proposal suggests investigating the extent to which code analysis tools can be used as a step towards continuous security inspection in software engineering projects. By automating security testing in development, flaws can be found as soon as they are introduced. This could greatly reduce the cost to fix flaws and help build more secure software.