SecSDM: A usable tool to support IT undergraduate students in secure software development
Authors
Abstract
Many IT undergraduate programs neglect to address the importance of integrating information security into the software development lifecycle. SecSDM is an integrated, risk-based methodology for supporting IT undergraduate students in secure software development. A software tool, based on the SecSDM methodology, has been developed to provide a means by which to apply this methodology to software development projects. However, from a developer’s perspective, any such software tool needs to be usable. This means that such a tool should have good utility, be effective to use, efficient to use, safe to use, easy to learn, easy to remember and satisfying to use. This paper provides an overview of the SecSDM methodology and presents the results of a user satisfaction survey relating to the SecSDM software tool.
Similar resources
SecSDM: A Model for Integrating Security into the Software Development Life Cycle
Most traditional software development methodologies do not explicitly include a standardised method for incorporating information security into their life cycles. It is argued that security considerations should provide input into every phase of the Software Development Life Cycle (SDLC), from requirements gathering to design, implementation, testing and deployment. Therefore, to build more sec...
Towards Tool-Support for Usable Secure Requirements Engineering with CAIRIS
Understanding how to better elicit, specify, and manage requirements for secure and usable software systems is a key challenge in security software engineering, however, there lacks tool-support for specifying and managing the voluminous amounts of data the associated analysis yields. Without these tools, the subjectivity of analysis may increase as design activities progress. This paper descri...
Software for Interactive Secure Systems Design: Lessons Learned Developing and Applying CAIRIS
As systems become more complex, the potential for security vulnerabilities being introduced increases. If we are to provide assurances about systems we design then we need the means of analysing, managing, and generally making sense of the data that contributes to the design. Unfortunately, despite ongoing research into tools for supporting secure software development, there are few examples of...
A practical application of software security in an undergraduate software engineering course
Computer software is developed according to software engineering methodologies. However, as more of the economy and our social lives move online, software security has become a topic of increasing importance. Traditionally, courses in software security are offered at the graduate level or in a stand-alone course at the undergraduate level, with many undergraduate students being required to appl...
Undergraduate Software Engineering Curriculum Enhancement via Human-Computer Interaction
More needs to be done to train students to deliver usable software. The current Software Engineering curriculum includes Human-Computer Interaction (HCI) topics in terms of a lecture. This paper presents how an undergraduate Software Engineering curriculum can be enhanced with HCI principles and techniques. The intent is to produce software engineers who value usable software and who can produc...