Abstract
Background: With the advancement in the field of software development, software poses threats and risks to customers’ data and privacy. Most of these threats are persistent because security is mostly considered as a feature or a non-functional requirement, not taken into account during the Software Development Life Cycle (SDLC).
Introduction: In order to evaluate the security performance of a software system, it is necessary to integrate the security metrics during the SDLC. The appropriate security metrics adopted for each phase of SDLC aids in defining the security goals and objectives of the software as well as quantify the security in the software. Methods: This paper presents a review and catalog of security metrics that can be adopted during the distinguishable phases of SDLC, security metrics for vulnerability and risk assessment reported in the literature for secure development of software. The practices of these metrics enable software security experts to improve the security characteristics of the software being developed. The critical analysis of security metrics of each phase and their comparison are also discussed. Results: Security metrics obtained during the development processes help to improve the confidentiality, integrity, and availability of software. Hence, it is imperative to consider security during the development of the software, which can be done with the use of software security metrics. Conclusion: This paper reviews the various security metrics that are meditated in the copious phases during the progression of the SDLC in order to provide researchers and practitioners with substantial knowledge for adaptation and further security assessment.Keywords: Security, metrics, software development life cycle, threats, risks, vulnerabilities, secure software.
Graphical Abstract
Call for Papers in Thematic Issues
Advancements in Brain Tumor Detection and Treatment using Machine Learning, Deep Learning, and Blockchain Technology
Brain tumors are among the most challenging diseases to diagnose and treat, requiring specialized expertise and advanced technology for accurate detection and effective treatment. In recent years, machine learning and deep learning algorithms have shown promise in improving the accuracy and efficiency of brain tumor detection through medical imaging analysis. ...read more
Advances of Biometric Data Analysis to Boost Intelligent Applications
With the rapid development of artificial intelligence (AI) technology, more and more intelligent devices and applications are appearing in our daily lives, such as smart home, smart agriculture, health diagnosis, educational support, and environmental monitoring. Interaction with these devices or applications has become a pressing issue that can greatly improve ...read more
Attainment of SDGs through the Advancement in Solar Energy Systems
With less than a decade until we reach 2030, it is crucial to address the deep inequalities affecting not only our health but also our quality of life, and the economy of countries worldwide. Few of the UN's Sustainable Development Goals (SDGs) can be directly and indirectly achieved through the ...read more
Emerging Intelligent Computing Techniques and their Applications Using Machine Learning
This special issue will aim to discuss computational intelligence approaches, initiatives and applications in engineering and science fields (including Machine Intelligence, Mining Engineering, Modeling and Simulation, Computer, Communication, Networking and Information Engineering, Systems Engineering, Innovative Computing Systems, Adaptive Technologies for Sustainable Growth, and Theoretical and Applied Sciences). This collection should ...read more
Related Journals
Recent Patents on Engineering
12