Investigate How Developers and Managers View Security Design in Software

Asif Imran

doi:10.5220/0011994700003464

Investigate How Developers and Managers View Security Design in Software

Asif Imran

2023

Abstract

Software security requirements have been traditionally considered as a non-functional attribute of the soft- ware. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to secure software have lost their applicability. At the same time, under the current world circumstances, the increase of cyber-attacks on software is ever increasing. As a result, it is important to con- sider the security requirements of software during its design. To design security in the software, it is important to obtain the views of the developers and managers of the software. Also, it is important to evaluate if their viewpoints match or differ regarding the security. Conducting this communication through a specific model will enable the developers and managers to eliminate any doubts on security design and adopt an effective strategy to build security into the software. In this paper, we analyzed the viewpoints of developers and man- agers regarding their views on security design. We interviewed a team of 7 developers and 2 managers, who worked in two teams to build a real-life software product that was recently compromised by a cyber-attack. We obtained their views on the reasons for the successful attack by the malware and took their recommendations on the important aspects to consider regarding security. Based on their feedback, we coded their open-ended responses into 4 codes, which we recommended using for other real-life software as well.

Download

Paper Citation

in Harvard Style

Imran A. (2023). Investigate How Developers and Managers View Security Design in Software. In Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-647-7, SciTePress, pages 693-700. DOI: 10.5220/0011994700003464

in Bibtex Style

@conference{enase23,
author={Asif Imran},
title={Investigate How Developers and Managers View Security Design in Software},
booktitle={Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2023},
pages={693-700},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011994700003464},
isbn={978-989-758-647-7},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - Investigate How Developers and Managers View Security Design in Software
SN - 978-989-758-647-7
AU - Imran A.
PY - 2023
SP - 693
EP - 700
DO - 10.5220/0011994700003464
PB - SciTePress