research-article

Understanding Software Security from Design to Deployment

Authors:

Mehdi Mirakhorli,

Matthias Galster,

Laurie WilliamsAuthors Info & Claims

ACM SIGSOFT Software Engineering Notes, Volume 45, Issue 2

Pages 25 - 26

https://doi.org/10.1145/3385678.3385687

Published: 03 May 2020 Publication History

Get Access

Abstract

Analyzing, implementing and maintaining security requirements of software-intensive systems and achieving truly secure software requires planning for security from ground up, and continuously assuring that security is maintained across the software's lifecycle and even after deployment when software evolves. Given the increasing complexity of software systems, new application domains, dynamic and often critical operating conditions, the distributed nature of many software systems, and fast moving markets which put pressure on software vendors, building secure systems from ground up becomes even more challenging. Security-related issues have previously been targeted in software engineering sub-communities and venues. In the second edition of the International Workshop on Security from Design to Deployment (SEAD) at the International Conference on Automated Software Engineering (ASE) 2020, we aimed to bring the research and practitioner communities of requirements engineers, security experts, architects, developers, and testers together to identify foundations, and challenges, and to formulate solutions related to automating the analysis, design, implementation, testing, and maintenance of secure software systems.

References

[1]

J. Santos et al., "Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird", IEEE International Conference on Software Architecture (ICSA) 2017.

Crossref

Google Scholar

[2]

J. Santos et al., "A Catalog of Security Architecture Weaknesses", IEEE International Conference on Software Architecture Workshops (ICSAW) 2017.

Google Scholar

Cited By

View all

Maksymovych MMychuda L(2024)ROLE, PROBLEMS, AND METHODS OF SOFTWARE SECURITY TESTING AUTOMATIONComputer systems and network10.23939/csn2024.02.1316:2(131-141)Online publication date: Dec-2024
https://doi.org/10.23939/csn2024.02.131
Carrillo-de-Gea JEbert CHosni MVizcaíno ANicolás JFernández-Alemán J(2024)Tools for Requirements EngineeringIEEE Software10.1109/MS.2024.338546641:4(30-37)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1109/MS.2024.3385466
Almufareh MHumayun M(2023)Improving the Safety and Security of Software Systems by Mediating SAP VerificationApplied Sciences10.3390/app1301064713:1(647)Online publication date: 3-Jan-2023
https://doi.org/10.3390/app13010647
Show More Cited By

Index Terms

Understanding Software Security from Design to Deployment

Index terms have been assigned to the content through auto-classification.

Recommendations

Security Engineering Approach to Support Software Security
SERVICES '10: Proceedings of the 2010 6th World Congress on Services

As information security and privacy become increasingly important to organizations, the demand grows for software development processes that assure information integrity, availability, and confidentiality. Unfortunately, despite the investments made in ...
Building Security In: Preparing for a Software Security Career

Carnegie Mellon University's Software Engineering Institute (SEI) has developed a set of software assurance curriculum guidance documents, which provides a foundation for preparing a software security workforce. This article describes the SEI Software ...
An Analyzer-Based Software Security Measurement Model for Enhancing Software System Security
WCSE '10: Proceedings of the 2010 Second World Congress on Software Engineering - Volume 01

Software security has become an increasingly important issue for computer and software system. Secure holes of software system may cause a company out of business and even destroy social normal operation. How to improve software security becomes a ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGSOFT Software Engineering Notes

ACM SIGSOFT Software Engineering Notes Volume 45, Issue 2

April 2020

25 pages

ISSN:0163-5948

DOI:10.1145/3385678

Editor:
Dietmar Pfahl

Issue’s Table of Contents

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 May 2020

Published in SIGSOFT Volume 45, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
530
Total Downloads

Downloads (Last 12 months)50
Downloads (Last 6 weeks)1

Reflects downloads up to 01 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Maksymovych MMychuda L(2024)ROLE, PROBLEMS, AND METHODS OF SOFTWARE SECURITY TESTING AUTOMATIONComputer systems and network10.23939/csn2024.02.1316:2(131-141)Online publication date: Dec-2024
https://doi.org/10.23939/csn2024.02.131
Carrillo-de-Gea JEbert CHosni MVizcaíno ANicolás JFernández-Alemán J(2024)Tools for Requirements EngineeringIEEE Software10.1109/MS.2024.338546641:4(30-37)Online publication date: 4-Jun-2024
https://dl.acm.org/doi/10.1109/MS.2024.3385466
Almufareh MHumayun M(2023)Improving the Safety and Security of Software Systems by Mediating SAP VerificationApplied Sciences10.3390/app1301064713:1(647)Online publication date: 3-Jan-2023
https://doi.org/10.3390/app13010647
Peldszus SBürger JJürjens J(2023)UMLsecRT: Reactive Security Monitoring of Java Applications With Round-Trip EngineeringIEEE Transactions on Software Engineering10.1109/TSE.2023.332636650:1(16-47)Online publication date: 23-Oct-2023
https://dl.acm.org/doi/10.1109/TSE.2023.3326366
Wan BXu CMahapatra RSelvaraj P(2022)Understanding the Cyber-Physical System in International Stadiums for Security in the Network from Cyber-Attacks and Adversaries using AIWireless Personal Communications: An International Journal10.1007/s11277-021-08573-2127:2(1207-1224)Online publication date: 1-Nov-2022
https://dl.acm.org/doi/10.1007/s11277-021-08573-2
Zheng WZhang MTang HCai YChen XWu XAbdallah Semasaba A(2021)Automatically Identifying Bug Reports with Tactical Vulnerabilities by Deep Feature Learning2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE52982.2021.00043(333-344)Online publication date: Oct-2021
https://doi.org/10.1109/ISSRE52982.2021.00043
Garn BSebastian Lang DLeithner MRichard Kuhn DKacker RSimos D(2021)Combinatorially XSSing Web Application Firewalls2021 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)10.1109/ICSTW52544.2021.00026(85-94)Online publication date: Apr-2021
https://doi.org/10.1109/ICSTW52544.2021.00026
Braz LFregnan EÇalikli GBacchelli A(2021)Why Don't Developers Detect Improper Input Validation?'Proceedings of the 43rd International Conference on Software Engineering10.1109/ICSE43902.2021.00054(499-511)Online publication date: 22-May-2021
https://dl.acm.org/doi/10.1109/ICSE43902.2021.00054

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Security Engineering Approach to Support Software Security

Building Security In: Preparing for a Software Security Career

An Analyzer-Based Software Security Measurement Model for Enhancing Software System Security

Comments

Information

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations