Secure Software Engineering: Learning from the Past to Address Future Challenges

This paper provides a taxonomy of secure software systems engineering (SSE) by surveying and organizing relevant SSE research and presents current trends in SSE, on-going challenges, and models for reasoning about threats and vulnerabilities. Several challenging questions related to risk assessment/...

Full description

Saved in:
Bibliographic Details
Published in:Information security journal. 2009-01, Vol.18 (1), p.8-25
Main Authors: Hein, Daniel, Saiedian, Hossein
Format: Article
Language:English
Subjects:
metrics for software security
secure software systems engineering
security threats
software security vulnerabilities
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper provides a taxonomy of secure software systems engineering (SSE) by surveying and organizing relevant SSE research and presents current trends in SSE, on-going challenges, and models for reasoning about threats and vulnerabilities. Several challenging questions related to risk assessment/mitigation (e.g., "what is the likelihood of attack") as well as practical questions (e.g., "where do vulnerabilities originate" and "how can vulnerabilities be prevented") are addressed.
ISSN:1939-3555
1939-3547
DOI:10.1080/19393550802623206