Process patterns: building large-scale systems using object technology
Process patterns: building large-scale systems using object technology
Product families and process families
ISPW '96 Proceedings of the 10th International Software Process Workshop
Adopting a Software Security Improvement Program
IEEE Security and Privacy
Process Patterns for Software Systems In-house Integration and Merge Experiences from Industry
EUROMICRO '05 Proceedings of the 31st EUROMICRO Conference on Software Engineering and Advanced Applications
Software Security: Building Security In
Software Security: Building Security In
Extending XP practices to support security requirements engineering
Proceedings of the 2006 international workshop on Software engineering for secure systems
The Security Development Lifecycle
The Security Development Lifecycle
Design of a Process for Software Security
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
A Process Pattern Language for Agile Methods
APSEC '07 Proceedings of the 14th Asia-Pacific Software Engineering Conference
On the secure software development process: CLASP, SDL and Touchpoints compared
Information and Software Technology
Representing process variation with a process family
ICSP'07 Proceedings of the 2007 international conference on Software process
Hi-index | 0.00 |
Defining secure processes is an important means for assuring software security. A wealth of dedicated secure processes has emerged in these years. These processes are similar to some extent, while differ from one another in detail. Conceptually, they can be further regarded as a so called "Process Family". In order to integrate practices from different family members, and further improve efficiency and effectiveness compared to using a single process, in this paper we propose an automatic approach to implement the integration of the three forefront secure processes, namely, CLASP, SDL and Touchpoints. Moreover, we select a module from an e-government project in China, and conduct an exploratory experiment to compare our approach with cases when one single secure process is employed. The empirical result confirms the positive effects of our approach.