Software development initiatives to identify and mitigate security threats: two systematic mapping studies

Paulina Silva, René Noël, Santiago Matalonga, Hernán Astudillo, Diego Gatica, Gastón Marquez

Research output: Contribution to journalArticlepeer-review

26 Downloads (Pure)


Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of its application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated to at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of its results through controlled experiments, some of the other selected studies presented case studies or proposals.
Original languageEnglish
Article number5
JournalCLEI Electronic Journal
Issue number3
Publication statusPublished - 1 Dec 2016
Externally publishedYes


  • Software Engineering
  • Secure Software Systems
  • Empirical Software Engineering


Dive into the research topics of 'Software development initiatives to identify and mitigate security threats: two systematic mapping studies'. Together they form a unique fingerprint.

Cite this