Developing secure software

A holistic approach to security testing

  • Articles
Datenschutz und Datensicherheit - DuD

Abstract

Building secure software requires a well-selected combination of security testing techniques during the whole software development lifecycle.

Author information

Corresponding author

Correspondence to Ruediger Bachmann.

Additional information

Ruediger Bachmann is a Development Architect at SAP AG (http://www.sap.com), working as a member of the central code analysis team in the areas of application security and code analysis.

Dr. Achim D. Brucker is a Security Expert and Senior Researcher at SAP AG (http://www.sap.com). He works on a broad range of security topics, both in development and in research. Further information can be found on his website: http://www.brucker.ch

About this article

Cite this article

Bachmann, R., Brucker, A.D. Developing secure software. Datenschutz Datensich 38, 257–261 (2014). https://doi.org/10.1007/s11623-014-0102-0

  • DOI: https://doi.org/10.1007/s11623-014-0102-0
