Abstract
Software security and development experts have addressed the problem of building secure software systems, and several processes and initiatives exist for achieving them. However, most of these lack empirical evidence of their application and impact in building secure software systems. Two systematic mapping studies (SMs) were conducted to cover the existing initiatives for the identification and mitigation of security threats. The SMs were executed in two steps: first in July 2015, and then complemented through backward snowballing in July 2016. The integrated results of these two SM studies show that a total of 30 relevant sources were identified; 17 different initiatives covering threat identification and 14 covering threat mitigation were found. All the initiatives were associated with at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of their results through controlled experiments, and some of the other selected studies presented case studies or proposals.
Highlights
Security is a topic of interest in Information Technologies nowadays, and is considered a quality attribute of a system by software engineering (ISO 25010).
The Study Type selected consists of articles related to secure software development, and articles selected by the Inclusion Criteria (Table 3).
4.1 Results from main systematic mapping: the trial was done on 27-07-15 according to all the previous sections, and the results obtained are presented in Table 4.
Summary
Security is a topic of interest in Information Technologies nowadays, and is considered a quality attribute of a system by software engineering (ISO 25010). From this point of view, several initiatives, such as techniques, methodologies, methods and tools, have been proposed in order to add architectural and design decisions throughout the Software Development Life Cycle (SDLC) [1]. The rest of the paper is organized as follows: Section 2 presents the related work, reporting the authors' previous work on software security design studies, relevant systematic mapping studies that support our approach to answering our research questions, and some proposals of techniques, methods and tools that initially guided our search.