Security Assurance Model of Software Development for Global Software Development Vendors

The number of security attacks and the impact has grown considerably in recent several years. As a result, new emerging software development models are required that assist developing is secure by default. This article reviews most widely used models. It proposes Security Assurance Model (SAM) for Software Development adaptable to all contemporary scenarios, emphasizing global (GSD) vendor companies. SAM was developed after studying 11 well-known analyzing results obtained from systematic literature review (SLR) questionnaire survey. consists seven assurance levels: Governance Threat Analysis, Secure Requirement Design, Coding, Testing Review, Deployment, Improvement. levels consist 46 critical risks (CSSRs) 388 practices addressing these risks. proposed assessed based on tool created Motorola, which evaluate present state company’s processes find areas improvement. We conducted 3 case studies companies, using data real projects examine practical experiment each company. indicate helps measure level an organization. In addition, it can potentially serve as framework researchers develop measures.