Security risks in the software development lifecycle: A review

Abstract

Software security is one of the most critical concerns in modern software development, especially in safety-critical systems whose failure can lead to environmental damage, substantial property, or loss of human lives. In addition, flawed applications have been shown to exhibit unpredictable behavior while software products with numerous vulnerabilities present attack vectors that can be exploited by attackers. To address some of these problems, vulnerability prediction has been deployed for early detection of security risks in the software development lifecycle (SDLC). This can potentially facilitate decision making during the SDLC, resulting in the production of more secure software. Prioritizing security during SDLC permits developers and stakeholders to identify and resolve possible security concerns early on in the process. The aim of this paper is therefore to offer some in-depth review of software systems security issues. In addition, the various measures that have been put in place to mitigate security issues during SDLC are discussed.