Integrating a security plug-in with the OpenUP/Basic development process
2008 (English)In: Third International Conference on Availability, Reliability and Security, 2008, IEEE Computer Society, 2008, 284-291 p.Conference paper (Refereed)
In this paper we present a security plug-in for the OpenUP/Basic development process. Our security plug-in is based on a structured unified process for secure software development, named S3P (sustainable software security process). This process provides the formalism required to identify the causes of vulnerabilities and the mitigation techniques that prevent these vulnerabilities. We also present the results of an expert evaluation of the security plug-in. The lessons learned from development of the plug-in and the results of the evaluation will be used when adapting S3P to other software development processes.
Place, publisher, year, edition, pages
IEEE Computer Society, 2008. 284-291 p.
Security plug-in, Software development process, Software security
IdentifiersURN: urn:nbn:se:liu:diva-39935DOI: 10.1109/ARES.2008.132ISI: 000256665200038Local ID: 51775ISBN: 978-0-7695-3102-1OAI: oai:DiVA.org:liu-39935DiVA: diva2:260784
Third International Conference on Availability, Reliability and Security (ARES 2008), 4-7 March 2008, Barcelona, Spain