Challenges of a project-based learning approach towards requirement engineering
SEPADS'11 Proceedings of the 10th WSEAS international conference on Software engineering, parallel and distributed systems
Building components with embedded security monitors
Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
| Hi-index | 0.00 |
To avoid security vulnerabilities, there are many secure software development efforts in the directions of secure software development life cycle processes, security specification languages, and security requirements engineering processes. In this paper, we compare and contrast various secure software development processes based on a number of characteristics that such processes should have. We also analyze security specification languages with respect to desirable properties of such languages. Furthermore, we identify activities that should be performed in a security requirements engineering process to derive comprehensive security requirements. We compare different security requirements engineering processes based on these activities. Our analysis shows that many of the secure software requirements engineering methods lack some of the desired properties. The comparative study presented in this paper will provide guidelines to software developers for selecting specific methods that will fulfill their needs in building secure software applications.