Software problems are the main causes of system failures today. There are many well-known cases of the tragic consequences of software failures. In critical systems, very high reliability is naturally expected. Software packages used everyday also need to be highly reliable, because the enormous investment of the software developer is at stake. Studies have shown that reliability is regarded as...

The rapid growth of communication and globalization has changed the software engineering process. Security has become a crucial component of any software system. However, software developers often lack the knowledge and skills needed to develop secure software. Clearly, the creation of secure software requires more than simply mandating the use of a secure software development lifecycle; the co...

This paper describes an approach to modeling the evolution of an application system to a secure application system in terms of the software requirements model and software architecture model. The requirements for security services are captured separately from application requirements, and the security services are encapsulated in connectors in the software architecture, separately from the comp...

This dissertation is the result of my own work and includes nothing which is the outcome of work done in collaboration except where specifically indicated in the text. This dissertation does not exceed the regulation length of 60,000 words, including tables and footnotes, but excluding the bibliography and appendix. Acknowledgements My work has been supported at various times by a Marshall Scho...

When people talk about software security, they usually refer to security applications such as antivirus software, firewalls and intrusion detection systems. There is little emphasis on the security in the software itself Therefore the thesis sets out to investigate if we can develop secure software in the first place. It first starts with a survey of the software security field, including the d...

0 7 4 0 7 4 5 9 / 0 2 / $ 1 7 . 0 0 © 2 0 0 2 I E E E benefits of software reusability. While software components have become popular, security concerns are paramount. Their composition can be considered risky because of the “plug and play” with unknown third-party components. In dynamic runtime applications for critical systems such as e-commerce and ehealth, the risk could be much higher. Com...

A reoccurring problem with software security is that programmers are encouraged to reason about correctness either at code-level or at the design level, while attacks often tend to take places on intermediary layers of abstraction. It may happen that the code itself may seem correct and secure as long as its functionality has been demonstrated for example, by showing that some invariant has bee...

Computer security is taking on new importance as electronic commerce metamorphoses from hype to reality. Large and small businesses alike are reinventing themselves as e-commerce players. The implications for computer security practice are immense. When bits count as money, protecting bits becomes as important as any other aspect of running a successful business. One essential element shared by...

1 A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams; Tosin Daniel Oyetoyan, Department of Software Engineering, Safety & Security, SINTEF Digital, Trondheim, Norway Martin Gilje Jaatun, Department of Software Engineering, Safety & Security, SINTEF Digital, Trondheim, Norway Daniela Soares Cruzes, Department of Software Engineering, Safety & Security,...