Risk Assessment, Threat Modeling and Security Testing in SDLC
December 14, 2020 Β· Declared Dead Β· π arXiv.org
"No code URL or promise found in abstract"
Evidence collected by the PWNC Scanner
Authors
Alya Hannah Ahmad Kamal, Caryn Chuah Yi Yen, Gan Jia Hui, Pang Sze Ling, Fatima-tuz-Zahra
arXiv ID
2012.07226
Category
cs.SE: Software Engineering
Citations
11
Venue
arXiv.org
Last Checked
4 months ago
Abstract
The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct stages, it may lead to many delays and inefficiency of the project process where this disorganization can directly affect the product quality and reliability. Moreover, with this methodology established as the standard for any project, there are bound to be missteps specifically in regard to the involvement of security due to the lack of awareness. Therefore, the aim of this research is to identify and elaborate the findings and understanding of the security integrated into the process of software development as well as the related individual roles in ensuring that this security is maintained. Through thorough analysis and review of literature, an effort has been made through this paper to showcase the correct processes and ways for securing the software development process. At the same time, certain issues that pertain to this subject have been discussed together with proposing appropriate solutions. Furthermore, in depth discussion is carried out regarding methods such as security testing, risk assessment, threat modeling and other techniques that are able to create a more secure environment and systematic approach in a software development process.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Software Engineering
R.I.P.
π»
Ghosted
R.I.P.
π»
Ghosted
Microservices: yesterday, today, and tomorrow
π
π
The Cartographer
A Survey of Machine Learning for Big Code and Naturalness
R.I.P.
π»
Ghosted
An Overview on Smart Contracts: Challenges, Advances and Platforms
R.I.P.
π»
Ghosted
Slither: A Static Analysis Framework For Smart Contracts
R.I.P.
π»
Ghosted
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
Died the same way β π» Ghosted
R.I.P.
π»
Ghosted
Federated Learning: Strategies for Improving Communication Efficiency
R.I.P.
π»
Ghosted
In-Datacenter Performance Analysis of a Tensor Processing Unit
R.I.P.
π»
Ghosted
Deep Convolutional Neural Networks for Computer-Aided Detection: CNN Architectures, Dataset Characteristics and Transfer Learning
R.I.P.
π»
Ghosted