Software development initiatives to identify and mitigate security threats-A systematic mapping. Matalonga, S., Noël, R., Astudillo, H., Gallego, M. D., & Silva, P. In CIBSE 2016 - XIX Ibero-American Conference on Software Engineering, pages 257-270, 2016.
The effective building of secure software systems has been addressed by security experts and software development experts through several techniques for identifying and mitigating security threats. Many techniques have been theoretically developed; however, for most of these proposals there is little empirical evidence of their application in building secure software systems. A systematic mapping has been conducted to cover the existing technologies for identification and mitigation of security threats. A total of 10 different techniques covering threat identification and 8 covering the mitigation of threats were found. All the initiatives were integrated into at least one activity of the Software Development Lifecycle (SDLC), while 7 show signs of being adopted in the industry. The mapping found only 15 studies that covered 11 different initiatives. Only two techniques presented scientific evidence of their results through controlled experiments, while the other selected studies presented informal case studies or examples.
@inproceedings{84988316945,
    abstract = "The effective building of secure software systems has been addressed by security experts and software development experts through several techniques for identifying and mitigating security threats. Many techniques have been theoretically developed; however, for most of these proposals there is little empirical evidence of their application in building secure software systems. A systematic mapping has been conducted to cover the existing technologies for identification and mitigation of security threats. A total of 10 different techniques covering threat identification and 8 covering the mitigation of threats were found. All the initiatives were integrated into at least one activity of the Software Development Lifecycle (SDLC), while 7 show signs of being adopted in the industry. The mapping found only 15 studies that covered 11 different initiatives. Only two techniques presented scientific evidence of their results through controlled experiments, while the other selected studies presented informal case studies or examples.",
    year = "2016",
    title = "Software development initiatives to identify and mitigate security threats-A systematic mapping",
    keywords = "Architectural tactics, Secure software development, Security patterns, Security threats, Systematic mapping",
    pages = "257-270",
    booktitle = "CIBSE 2016 - XIX Ibero-American Conference on Software Engineering",
    author = "Matalonga, Santiago and Noël, René and Astudillo, Hernán and Gallego, Mauricio D. and Silva, Paulina"
}
