Software development initiatives to identify and mitigate security threats: two systematic mapping studies

Paulina Silva, René Noël, Santiago Matalonga, Hernán Astudillo, Diego Gatica, Gastón Marquez

Research output: Contribution to journalArticle

12 Downloads (Pure)

Abstract

Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of its application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated to at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of its results through controlled experiments, some of the other selected studies presented case studies or proposals.
Original languageEnglish
Article number5
JournalCLEI Electronic Journal
Volume19
Issue number3
DOIs
Publication statusPublished - 1 Dec 2016
Externally publishedYes

Keywords

  • Software Engineering
  • Secure Software Systems
  • Empirical Software Engineering

Fingerprint Dive into the research topics of 'Software development initiatives to identify and mitigate security threats: two systematic mapping studies'. Together they form a unique fingerprint.

  • Research Output

    Software development initiatives to identify and mitigate security threats: a systematic mapping

    Silva, P., Noël, R., Gallego, M., Matalonga, S. & Astudillo, H., 27 Apr 2016.

    Research output: Contribution to conferencePaper

    Open Access
    File

    Cite this