Litcius/Paper detail

Security risks in the software development lifecycle: A review

David Odera, Martin Otieno, Jairus Ekume Ounza

2023World Journal of Advanced Engineering Technology and Sciences12 citationsDOIOpen Access PDF

Abstract

Software security is one of the most critical concerns in modern software development, especially in safety-critical systems whose failure can lead to environmental damage, substantial property, or loss of human lives. In addition, flawed applications have been shown to exhibit unpredictable behavior while software products with numerous vulnerabilities present attack vectors that can be exploited by attackers. To address some of these problems, vulnerability prediction has been deployed for early detection of security risks in the software development lifecycle (SDLC). This can potentially facilitate decision making during the SDLC, resulting in the production of more secure software. Prioritizing security during SDLC permits developers and stakeholders to identify and resolve possible security concerns early on in the process. The aim of this paper is therefore to offer some in-depth review of software systems security issues. In addition, the various measures that have been put in place to mitigate security issues during SDLC are discussed.

Topics & Concepts

Systems development life cycleVulnerability (computing)Computer securityComputer scienceSoftware security assuranceRisk analysis (engineering)Security bugSecure codingSoftware development processSoftware developmentSecurity testingVulnerability managementSecurity information and event managementSoftwareInformation securityBusinessVulnerability assessmentSecurity serviceCloud computing securityPsychological resiliencePsychotherapistOperating systemProgramming languageCloud computingPsychologySoftware Reliability and Analysis ResearchSoftware Engineering ResearchInformation and Cyber Security