Phases Of Software Development Life Cycle Research Articles

A neuro-fuzzy security risk assessment system for software development life cycle

This study aims to protect software development by creating a Software Risk Assessment (SRA) model for each phase of the Software Development Life Cycle (SDLC) using an Adaptive Neuro-Fuzzy Inference System (ANFIS) model. Software developers discovered and validated the risk variables affecting each SDLC phase, following which relevant data about risk factors and associated SRA for each SDLC phase were collected. To create the SRA model for SDLC phases, risk factors were used as inputs, and SRA was used as an output. The formulated model was simulated using 70 % and 80 % of the data for training, while 30 % and 20 % were used for testing the model. The performance of the SRA models using the test datasets was evaluated based on accuracy. According to the study findings, many risk variables were discovered and confirmed for the requirement, design, implementation, integration, and operation phases of SDLC 11, 8, 9, 4, and 6, respectively. The SRA model was formulated using the risk factors using 2048, 256, 512, 16, and 64 inference rules for the requirement, design, implementation, integration, and operation phases, respectively. The study concluded that using the SRA model to assess security risk at each SDLC phase provided a secured software development process.

Analyst’s Perception on the Use of AI-based Tools in the Software Development Life Cycle

Artificial Intelligence (AI) integration has been the goal in many industries, including in the software development industry. One example of this integration comes in the form of integrating AI in the Software Development Lifecycle (SDLC). To date, the difficulties of incorporating AI-based tools into particular phases of SDLC have not received much attention in research. Using qualitative approach, this study aims to discover the perception on the use of AI-based tools and challenges in integrating them in the analysis phase of SDLC. The study finds out that analyst have positive perception about integrating this technology in their field of work but there are some challenges while integrating this technology such as data security and reliability concern, dependency, and adapting to this technology. This study also discovers some key factors of why some analysts adopt or refuse this technology namely time, urgency, budget, and insecurities of the users.

Generative AI in Responsible Conversational Agent Integration: Guidelines for Service Managers

Responsible integration of conversational agents (CAs) like chatbots is crucial for service firms to mitigate risks and foster positive outcomes. This article provides managerial guidelines through a Corporate Digital Responsibility (CDR) lens, focusing on CDR Culture, Management Structure, and Digital Governance across the service firm, software provider, and customers/society. It examines how organizational sensemaking processes of creation, interpretation, and enactment are triggered by CA-related issues and events. The research highlights the role of generative AI (GenAI) in implementing CDR factors and responsible CA software development lifecycle phases during development and integration. Guidelines are provided for leveraging GenAI to enhance CDR Culture, incorporate ethical considerations into CDR Management Structure, and enable robust Digital Governance mechanisms to prioritize customer/societal well-being. A multilevel framework illustrates reinforcing the guidelines through organizational sensemaking processes, and fostering responsible CA integration aligned with ethical principles and societal values.

Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model

For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques.

Sustainability-centric integration software requirements validation

Software Development Life Cycle (SDLC) is enriched with different phases. Requirement Analysis is predominant in designing and developing the software application with proper functionality and to produce expected outcome. The client expects the great deal of functionality and ease of use application and outstanding performance from the application developed. If the application is appropriately demonstrating the outcome what the client expected the requirements have to be gathered once again and re do the application until the client satisfaction. Understanding the client specific requirements from the users’ point of view and smooth running of the operations with proper integration between the modules of the application. The requirements from the client would be vague and taken in the user’s perception. The requirements taken from the client’s user requirements should be integrated with realistic expectations and plan according to the project schedule for each stage of SDLC. The requirement gathering technique should replicate the software requirement engineering with proper integration oriented methods. So that the project development will be completed without facing the challenges and issues arise in the different stages of SDLC. This research is proposing the integration oriented scrutiny on the software requirement engineering mechanism in the requirement analysis phase of SDLC.

Genetic Programming in Software Engineering: A Systematic Literature Review

Software Engineering is present in all the Software Development Life Cycle phases, implying a systematic and disciplined development process. Nowadays, there are optimization problems within the phases and activities of Software Engineering, problems in which a Genetic Programming (GP) approach can give better results due to its representation of individuals. This Systematic Literature Review aims to analyze the current state of the application of GP in Software Engineering by collecting the phases and activities of software development where Genetic Programming has been used and summarizing the advantages of using this technique. The results show that GP has been used in every phase of software development, although mainly in the construction phase. In addition, a promising area is Program Synthesis, which substantially impacts new fields such as Genetic Improvement.

Nurses' Roles in mHealth App Development: Scoping Review.

Although mobile health (mHealth) apps for both health consumers and health care providers are increasingly common, their implementation is frequently unsuccessful when there is a misalignment between the needs of the user and the app's functionality. Nurses are well positioned to help address this challenge. However, nurses' engagement in mHealth app development remains unclear. This scoping review aims to determine the extent of the evidence of the role of nurses in app development, delineate developmental phases in which nurses are involved, and to characterize the type of mHealth apps nurses are involved in developing. We conducted a scoping review following the 6-stage methodology. We searched 14 databases to identify publications on the role of nurses in mHealth app development and hand searched the reference lists of relevant publications. Two independent researchers performed all screening and data extraction, and a third reviewer resolved any discrepancies. Data were synthesized and grouped by the Software Development Life Cycle phase, and the app functionality was described using the IMS Institute for Healthcare Informatics functionality scoring system. The screening process resulted in 157 publications being included in our analysis. Nurses were involved in mHealth app development across all stages of the Software Development Life Cycle but most frequently participated in design and prototyping, requirements gathering, and testing. Nurses most often played the role of evaluators, followed by subject matter experts. Nurses infrequently participated in software development or planning, and participation as patient advocates, research experts, or nurse informaticists was rare. Although nurses were represented throughout the preimplementation development process, nurses' involvement was concentrated in specific phases and roles.

Framework for the Automation of SDLC Phases using Artificial Intelligence and Machine Learning Techniques

Software Engineering acts as a foundation stone for any software that is being built. It provides a common road-map for construction of software from any domain. Not following a well-defined Software Development Model have led to the failure of many software projects in the past. Agile is the Software Development Life Cycle (SDLC) Model that is widely used in practice in the IT industries to develop software on various technologies such as Big Data, Machine Learning, Artificial Intelligence, Deep learning. The focus on Software Engineering side in the recent years has been on trying to automate the various phases of SDLC namely- Requirements Analysis, Design, Coding, Testing and Operations and Maintenance. Incorporating latest trending technologies such as Machine Learning and Artificial Intelligence into various phases of SDLC, could facilitate for better execution of each of these phases. This in turn helps to cut-down costs, save time, improve the efficiency and reduce the manual effort required for each of these phases. The aim of this paper is to present a framework for the application of various Artificial Intelligence and Machine Learning techniques in the different phases of SDLC.

A Review on Software Development Life Cycle

Efficiently developing dependable and high-quality software products within a strict timeframe should be a priority for those working within the technology sector. The Software Development Life Cycle (SDLC) process plays an integral role in this respect by offering various tried-and-tested methodologies such as Waterfall model Prototype model Spiral model Agile Incremental or Rapid Application Development model. Drawing from previous writings on this subject matter are used to investigate key SDCL principles outlined above.In this paper we are discussing about the SDLC phases and their different models.

Security Best Practices: A Critical Analysis Using IoT as a Case Study

Academic research has highlighted the failure of many Internet of Things (IoT) product manufacturers to follow accepted practices, while IoT security best practices have recently attracted considerable attention worldwide from industry and governments. Given current examples of security advice, confusion is evident from guidelines that conflate desired outcomes with security practices to achieve those outcomes. We explore a surprising lack of clarity, and void in the literature, on what (generically) best practice means, independent of identifying specific individual practices or highlighting failure to follow best practices. We consider categories of security advice, and analyze how they apply over the lifecycle of IoT devices. For concreteness in discussion, we use iterative inductive coding to code and systematically analyze a set of 1,013 IoT security best practices, recommendations, and guidelines collated from industrial, government, and academic sources. Among our findings, of all analyzed items, 68% fail to meet our definition of an (actionable) practice, and 73% of all actionable advice relates to the software development lifecycle phase, highlighting the critical position of manufacturers and developers. We hope that our work provides a basis for the community to better understand best practices, identify and reach consensus on specific practices, and find ways to motivate relevant stakeholders to follow them.

Review of ways to apply machine learning methods in software engineering

This article reviews the integration of machine learning (ML) techniques into Software Engineering (SE) across various phases of the software development life cycle (SDLC). The purpose is to investigate the applications of ML in SE, analyze its methodologies, present findings, and draw conclusions regarding its impact. The study categorized ML applications in SE and assessed the performance of various ML algorithms. Authors identified ML applications in SDLC phases, including requirements analysis, design, implementation, testing, and maintenance. ML algorithms, such as supervised and unsupervised learning, are employed for tasks like software requirement identification, design pattern recognition, code generation, and automated testing. In summary, we find that ML-based techniques are experiencing a substantial surge in adoption within the field of software engineering. Nevertheless, it is evident that substantial endeavors are needed to establish thorough comparisons and synergies among these approaches, perform meaningful evaluations grounded in detailed real-world implementations that are applicable to industrial software development. Therefore, our key takeaway is the necessity for a shift in focus towards reproducible research, prioritizing this over isolated novel concepts. Failure to do so may result in the limited practical implementation of these promising applications.

Security risks of global software development life cycle: Industry practitioner's perspective

AbstractSoftware security has become increasingly important because the malicious attack and other hacker risks of a computer system have grown popularity in the last few years. As a result, several researchers have examined security solutions as early as the requirement engineering phase. With the growth of the software business and the internet, there is a need to understand the security risks against each phase of the software development life cycle (SDLC). This study aims to empirically investigate and prioritize the risks that could negatively impact the software security aspects of SDLC in the context of global software development (GSD). To achieve the study objectives, we conducted an industrial empirical study to determine the impact of software security threats against each phase of SDLC. Furthermore, the fuzzy analytical hierarchy process (FAHP) was used to prioritize the list of software security risks against the SDLC. The results and analysis of this study provide a ranked‐based decision‐making framework, which assists the practitioners in considering the most critical security risks on priority. The results show “improper plan for secure requirement identification, inception, authentication, authorization, and privacy,” “lack of threat models updating,” “lack of output validation,” “lack of certification in the final release and archive,” and “spoofing” as the top‐ranked security risks of SDLC in GSD. In addition, the application of FAHP is novel in this domain as it is helpful to address multicriteria decision‐making problems.

Software Risk Prediction: Systematic Literature Review on Machine Learning Techniques

The Software Development Life Cycle (SDLC) includes the phases used to develop software. During the phases of the SDLC, unexpected risks might arise due to a lack of knowledge, control, and time. The consequences are severe if the risks are not addressed in the early phases of SDLC. This study aims to conduct a Systematic Literature Review (SLR) and acquire concise knowledge of Software Risk Prediction (SRP) from the published scientific articles from the year 2007 to 2022. Furthermore, we conducted a qualitative analysis of published articles on SRP. Some of the key findings include: (1) 16 articles are examined in this SLR to represent the outline of SRP; (2) Machine Learning (ML)-based detection models were extremely efficient and significant in terms of performance; (3) Very few research got excellent scores from quality analysis. As part of this SLR, we summarized and consolidated previously published SRP studies to discover the practices from prior research. This SLR will pave the way for further research in SRP and guide both researchers and practitioners.

Green Based Software Engineering Approach for Sustainable Protocol

Abstract: A sturdy green software model is the prominent necessity for various governments fields and banking areas for Energy utilization processing. The model should give all the Energy consumption aspects namely power consumption, utilization of Memory, (Co2) Carbon dioxide release which is related to development of software and make it energy efficient. For Software Development Life Cycle phases this research paper proposes a new green software model for the virtual host machine, which is the base for all the Green based Software Development process.

Swarm intelligence-based model for improving prediction performance of low-expectation teams in educational software engineering projects.

Software engineering is one of the most significant areas, which extensively used in educational and industrial fields. Software engineering education plays an essential role in keeping students up to date with software technologies, products, and processes that are commonly applied in the software industry. The software development project is one of the most important parts of the software engineering course, because it covers the practical side of the course. This type of project helps strengthening students’ skills to collaborate in a team spirit to work on software projects. Software project involves the composition of software product and process parts. Software product part represents software deliverables at each phase of Software Development Life Cycle (SDLC) while software process part captures team activities and behaviors during SDLC. The low-expectation teams face challenges during different stages of software project. Consequently, predicting performance of such teams is one of the most important tasks for learning process in software engineering education. The early prediction of performance for low-expectation teams would help instructors to address difficulties and challenges related to such teams at earliest possible phases of software project to avoid project failure. Several studies attempted to early predict the performance for low-expectation teams at different phases of SDLC. This study introduces swarm intelligence -based model which essentially aims to improve the prediction performance for low-expectation teams at earliest possible phases of SDLC by implementing Particle Swarm Optimization-K Nearest Neighbours (PSO-KNN), and it attempts to reduce the number of selected software product and process features to reach higher accuracy with identifying less than 40 relevant features. Experiments were conducted on the Software Engineering Team Assessment and Prediction (SETAP) project dataset. The proposed model was compared with the related studies and the state-of-the-art Machine Learning (ML) classifiers: Sequential Minimal Optimization (SMO), Simple Linear Regression (SLR), Naïve Bayes (NB), Multilayer Perceptron (MLP), standard KNN, and J48. The proposed model provides superior results compared to the traditional ML classifiers and state-of-the-art studies in the investigated phases of software product and process development.

Security Threat and Vulnerability Assessment and Measurement in Secure Software Development

Security is critical to the success of software, particularly in today's fast-paced, technology-driven environment. It ensures that data, code, and services maintain their CIA (Confidentiality, Integrity, and Availability). This is only possible if security is taken into account at all stages of the SDLC (Software Development Life Cycle). Various approaches to software quality have been developed, such as CMMI (Capability maturity model integration). However, there exists no explicit solution for incorporating security into all phases of SDLC. One of the major causes of pervasive vulnerabilities is a failure to prioritize security. Even the most proactive companies use the “patch and penetrate” strategy, in which security is accessed once the job is completed. Increased cost, time overrun, not integrating testing and input in SDLC, usage of third-party tools and components, and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC, despite the fact that secure software development is essential for business continuity and survival in today's ICT world. There is a need to implement best practices in SDLC to address security at all levels. To fill this gap, we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines. We proposed a secure SDLC framework based on the identified practices, which integrates the best security practices in various SDLC phases. A mathematical model is used to validate the proposed framework. A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC, resulting in more secure applications.

Techniques for Calculating Software Product Metrics Threshold Values: A Systematic Mapping Study

Several aspects of software product quality can be assessed and measured using product metrics. Without software metric threshold values, it is difficult to evaluate different aspects of quality. To this end, the interest in research studies that focus on identifying and deriving threshold values is growing, given the advantage of applying software metric threshold values to evaluate various software projects during their software development life cycle phases. The aim of this paper is to systematically investigate research on software metric threshold calculation techniques. In this study, electronic databases were systematically searched for relevant papers; 45 publications were selected based on inclusion/exclusion criteria, and research questions were answered. The results demonstrate the following important characteristics of studies: (a) both empirical and theoretical studies were conducted, a majority of which depends on empirical analysis; (b) the majority of papers apply statistical techniques to derive object-oriented metrics threshold values; (c) Chidamber and Kemerer (CK) metrics were studied in most of the papers, and are widely used to assess the quality of software systems; and (d) there is a considerable number of studies that have not validated metric threshold values in terms of quality attributes. From both the academic and practitioner points of view, the results of this review present a catalog and body of knowledge on metric threshold calculation techniques. The results set new research directions, such as conducting mixed studies on statistical and quality-related studies, studying an extensive number of metrics and studying interactions among metrics, studying more quality attributes, and considering multivariate threshold derivation.

Modeling knowledge and practices in the software industry: An exploratory study of Turkey-educated practitioners

Modeling helps software professionals to achieve various purposes via different approaches. Modeling stakeholders, who have different academic backgrounds (e.g., not only based on ”computing disciplines”), might be lacking knowledge in key modeling topics, which might be learned or improved at the workplace. To better align the modeling skills learnt at the academia with the expectations of the industry, it is important to analyze the relation between the educational skill-set and the modeling practices of the practitioners based on various modeling approaches. Moreover, understanding the-state-of-the-practices for modeling characteristics (e.g., purposes, languages, software development lifecycle phases, where modeling is used) is also necessary to provide a view on various modeling approaches used in the software industry. To achieve these goals, we designed and conducted a practitioner survey. 628 software practitioners, whose undergraduate degree was completed in Turkey, working in 13 countries responded the survey. This paper sheds light on the latest modeling practices with various cross-factor analyses by analyzing the relation of educational background with those modeling practices. Investigating how the way(s) of learning about software modeling affect related practices helps bridge the knowledge gaps. We believe that our findings would provide practical benefits to all modeling professionals (from developers to systems engineers and testers) and educators by influencing both the academia (mostly Turkish universities) and the industry.

Test case prioritization techniques in software regression testing: An overview

The importance of Software Testing (ST) in the Software Development Life Cycle (SDLC) can never be ignored. Smarter ST can give us more relievable and defect-free products which are as per our stakeholder demand. That is the reason it takes more time and resources. But unfortunately, the limited time has left when the product reached the testing stage, especially in Regression Testing (RT). That is the reason proper planning is required in each SDLC phase, especially in the testing phase. Regression testing is an essential part of the testing phase. It guarantees defect-free software after any changes made to the requirement or software product. Because of the limited time available, it is impossible to execute all the test cases every time any changes made in the code there comes the role of the test case prioritization. TCP chooses only test cases that are most important to execute. The priority of test cases could be based on code, requirement, defects, execution time, cost, etc. After TCP the developer and tester have a minimum test case suite with better coverage in all respects. TCP definitely improves the quality of software and brings the best product within a limited time and cost. In this paper, we have provided a detailed survey of the TCP methodologies. This survey includes 2010 to the most recent studies. In this study, we have select carefully the most recent and relevant study of our topic.

RETRACTED ARTICLE: A Threat Categorization of Risk-Based approach for analyzing Security Threats early phase in SDLC

The security risk assessment is a daunting process that usually requires an in-depth knowledge of the pertinent attack scenarios and the technical understanding of all the security measures implemented in the organization. Small and medium-sized businesses are especially challenged as they can often not operate a full information security department. Sometimes the shortage of security skills and security data for the reason of limited IT resources. Software threats are progressively being used in internet-based, web-data servers, web services, and GUI-based applications. The type of threat modeling is intended for each phase before the accomplishment of the software product. Finding software and hardware threat is the most critical task in the software development life cycle (SDLC). The threat modeling process is included in SDLC at the beginning stage for minimizing the risks. This paper investigates threat attacks in the software development life cycle (SDLC) using threat categorization of risk-based approaches for security threats in the early phase. The intrusion detection attack has been identified for a web application of the healthcare management system. It is classified based on the severity of stages in the Life cycle. The proposed method findings are compared with the Microsoft stride to identify the boundaries of components, ranking of the attacks, and better understand software development and operation threats in software development process.