Managing the Secure Software Development
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F19%3APU133368" target="_blank" >RIV/00216305:26220/19:PU133368 - isvavai.cz</a>
Výsledek na webu
<a href="https://ieeexplore.ieee.org/abstract/document/8763845" target="_blank" >https://ieeexplore.ieee.org/abstract/document/8763845</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/NTMS.2019.8763845" target="_blank" >10.1109/NTMS.2019.8763845</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
Managing the Secure Software Development
Popis výsledku v původním jazyce
Nowadays, software development is a more complex process than ever was and it faces the challenges, where security became one of the most crucial. The security issues became an essential part of software engineers and understanding the vulnerabilities, risks and others became the everyday bread. The needs of security in software development resulted in the creation of the so-called Secure Software Development Life Cycle (SSDLC). This is a methodological concept included in classical Software Development Life-Cycle, which is described by five main phases - analysis, design, implementation (building), testing, and evaluation (deployment and maintenance). The SSDLC adds another dimension ensuring the security. We introduce our same named tool "Secure Software Development Life-cycle", which follows the general idea and goes beyond it. Our tool helps to create security, hardening, testing, and validation reporting guidelines for selected use-cases. This tool is an environment for defining the current and future security requirements based on the collection of standards, recommendations, best practice, and many others. Connecting the SSDLC with other tools improves the general level of automation of the Product Life Cycle (PLC). The SSDLC gives a connection and context among security, safety and performance parameters. Compared with static security requirements definition, the SSDLC provides simple future extension and straight integration to the PLC process with non- or nearly-non personal (human) interaction.
Název v anglickém jazyce
Managing the Secure Software Development
Popis výsledku anglicky
Nowadays, software development is a more complex process than ever was and it faces the challenges, where security became one of the most crucial. The security issues became an essential part of software engineers and understanding the vulnerabilities, risks and others became the everyday bread. The needs of security in software development resulted in the creation of the so-called Secure Software Development Life Cycle (SSDLC). This is a methodological concept included in classical Software Development Life-Cycle, which is described by five main phases - analysis, design, implementation (building), testing, and evaluation (deployment and maintenance). The SSDLC adds another dimension ensuring the security. We introduce our same named tool "Secure Software Development Life-cycle", which follows the general idea and goes beyond it. Our tool helps to create security, hardening, testing, and validation reporting guidelines for selected use-cases. This tool is an environment for defining the current and future security requirements based on the collection of standards, recommendations, best practice, and many others. Connecting the SSDLC with other tools improves the general level of automation of the Product Life Cycle (PLC). The SSDLC gives a connection and context among security, safety and performance parameters. Compared with static security requirements definition, the SSDLC provides simple future extension and straight integration to the PLC process with non- or nearly-non personal (human) interaction.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
20202 - Communication engineering and systems
Návaznosti výsledku
Projekt
Výsledek vznikl pri realizaci vícero projektů. Více informací v záložce Projekty.
Návaznosti
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Ostatní
Rok uplatnění
2019
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS)
ISBN
978-1-7281-1542-9
ISSN
—
e-ISSN
—
Počet stran výsledku
4
Strana od-do
1-4
Název nakladatele
Neuveden
Místo vydání
Neuveden
Místo konání akce
Kanárské ostrovy Gran Canary
Datum konání akce
24. 6. 2019
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
000492033300051