Security Risks in the Software Development Lifecycle
Mamdouh Alenezi1, Sadiq Almuairfi2
1Mamdoh Alenezi, College of Computer and Information Science, Prince Sultan University, Riyadh, Saudi Arabia.
2Sadiq Almuairfi, Information Technology Center, Prince Sultan University, Riyadh, Saudi Arabia.
Manuscript received on 09 August 2019. | Revised Manuscript received on 17 August 2019. | Manuscript published on 30 September 2019. | PP: 7048-7055 | Volume-8 Issue-3 September 2019 | Retrieval Number: C5374098319/2019©BEIESP | DOI: 10.35940/ijrte.C5374.098319
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Security is a significant concern in software development. Risks and errors should be reduced and as much as possible eliminated. Especially with how the computer and internet provide numerous technological benefits and are being optimally utilized in the present times, users have high expectations when it comes to secure software products. The development cycle in software design is comprised of a systematic process wherein security risk assessment should be integrated into each phase. In order to ensure quality software with a high level of security, the best practices in risk management should be implemented from the beginning and should be performed throughout the process. While developing highly secure software is a complex task, therefore, it must involve more dedicated security activities that are usually ignored in traditional SDLC. In this paper, the nature and phases of secure software development will be discussed as well as the security risk assessment models and practices involved in it. This will provide software developers, programmers, or engineers the awareness on secure software development cycle which will allow them to plan efficient strategies and enhance their performance, thus, resulting in quality and reliable output. In addition, we present a qualitative study looking at real-life practice employed towards software security risk. We reflect on how well current risk practices follow best practice, identify pitfalls, and explore why these occur & mitigate.
Keywords: Risk Management, Security, Software Development Cycle, Software Engineering.
Scope of the Article: Simulation Optimization and Risk Management