Abstract
Security is a significant concern in software development. Risks and errors should be reduced and as much as possible eliminated. Especially with how the computer and internet provide numerous technological benefits and are being optimally utilized in the present times, users have high expectations when it comes to secure software products. The development cycle in software design is comprised of a systematic process wherein security risk assessment should be integrated into each phase. In order to ensure quality software with a high level of security, the best practices in risk management should be implemented from the beginning and should be performed throughout the process. While developing highly secure software is a complex task, therefore, it must involve more dedicated security activities that are usually ignored in traditional SDLC. In this paper, the nature and phases of secure software development will be discussed as well as the security risk assessment models and practices involved in it. This will provide software developers, programmers, or engineers the awareness on secure software development cycle which will allow them to plan efficient strategies and enhance their performance, thus, resulting in quality and reliable output. In addition, we present a qualitative study looking at real-life practice employed towards software security risk. We reflect on how well current risk practices follow best practice, identify pitfalls, and explore why these occur & mitigate.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
