Ramachandran, M (2015)
Languages: English
Types: Article
Software Engineering has established techniques, methods and technology over two decades. However, due to the lack of understanding of software security vulnerabilities, we have not been so successful in applying software engineering principles that have been established for at least the past 25 years when developing secure software systems. Therefore, software security cannot simply be added after a system has been built and delivered to customers, as seen in today’s software applications. This keynote paper provides concise methods, techniques, and best practice requirements guidelines on software security and also discusses an Integrated-Secure SDLC model (IS-SDLC), which will benefit practitioners, researchers, learners, and educators.
