Development processes for software construction are common knowledge and mainstream practice in most development organizations. Unfortunately, these processes offer little support for meeting security requirements. Over the years, research efforts have been invested in specific methodologies and techniques for secure software engineering, yet dedicated processes have been proposed only recently. In this paper, three high-profile processes for the development of secure software, namely OWASP's CLASP, Microsoft's SDL and McGraw's Touchpoints, are evaluated and compared in detail. The paper identifies the commonalities, discusses the specificity of each approach, and proposes improvements.