Towards Evaluation of Security Assurance during the Software Development Lifecycle
2009
It is difficult to state whether a certain software product is developed securely enough. An evaluation methodology that takes the security assurance methods used during the software development lifecycle into account is one step closer to a solution to this problem. In this paper we discuss our first heuristics for security assurance evaluation that would give guidelines on the trustworthiness of the software development lifecycle. The inputs for evaluations include the context, expert opinions, the outcome of the methods and reputation. Our evaluation heuristics are a step towards being able to deduce the level of assurance for a software process, compared to a certain context-specific baseline.
Keywords:
- Data mining
- Software metric
- Package development process
- Systems engineering
- Backporting
- Software verification and validation
- Software quality analyst
- Software security assurance
- Software development
- Computer science
- Application lifecycle management
- Software development process
- Computer security
- Software engineering
References: 8
Citations: 3