Abstract
Building secure software systems requires the intersection of two engineering disciplines: software engineering and security engineering. There is a lack of a defined security mechanism for each of the software development phases, which strongly affects the quality of the software system. In this paper, the authors propose a framework that considers security aspects in all phases of the software development process, from requirements to deployment of the software product, with three additional phases that are important for automatically producing a secure system. The framework was developed after analyzing the existing models for secure system development. Its key elements are the added phases (physical, training, and auditing), which improve the level of security in software engineering projects. The authors also found a solution for replacing the knowledge of the security engineer: an intelligent knowledge-based system that provides the software developer with the security rules needed in each phase of the software development lifecycle and improves the developer's awareness of the security-related issues in each phase. The framework and the expert system were tested on a variety of software projects, where a significant improvement of security in each phase of the software development process was achieved.
Highlights
Software-intensive systems are a major factor in many business areas
In the WB-SES-SEP, the user can select any of the 8 phases of the proposed framework and begin with any phase, or add new security rules to the knowledge-based system of each phase
The researchers proposed a new framework for secure software development using a knowledge-based system, in which security activity rules are modeled for each phase of the software development process using the general process activities of the software engineering process
Summary
There is an increasing need for software systems that can help us in daily life. These software systems must fulfil certain requirements. A software development process has many stages: requirement definition, system design, system implementation, and other stages. In all these important stages, security must be considered and developed in each stage and for each stage. Building secure software is a process in which software security is considered in all phases of a software engineering life cycle [3, 16]. The focus will be on the security activities at each phase of software development, and the authors will present a Knowledge-Based Expert System for Supporting Security in Software Engineering Projects.