Computers & Security

Volume 21, Issue 4, 1 August 2002, Pages 345-355

Integrating Software Lifecycle Process Standards with Security Engineering

https://doi.org/10.1016/S0167-4048(02)00413-3

Abstract

Since the advent and rapid growth of the Internet and e-business, organizations must secure their computer systems or risk malicious attacks. Several software lifecycle process standards (SLPS) exist for both military and industrial software development, but their activities and deliverables are not yet integrated with security engineering (SE) activities. This lack of integration has created conflicts among system development stakeholders (e.g. system acquirers and developers) during secure information systems development projects. This paper proposes an integration model that interweaves all the process activities and deliverables of an SLPS with SE activities, taking IEEE/EIA 12207 as the example SLPS. The model provides practical guidelines for the development of secure information systems while showing stakeholders how the SLPS relates to the SE activities.

Introduction

As organizations’ computing environments rely more heavily on the Internet, they are increasingly exposed to security risks, and robust safeguards for information systems have become essential. The development of secure information systems is counted among the top priorities of today’s businesses [1], [2], [3]. Both the software lifecycle process standard (SLPS) and the security engineering (SE) approach have improved for military and industrial software development alike. In SE, efforts have been made to define and elaborate its activities so that more secure information systems can be built. However, the stakeholders in the development of secure information systems remain at odds, because there are no predefined guidelines for integrating the activities and deliverables of an SLPS with the SE activities (Figure 1). This conflict has caused project delays, deteriorating morale and less secure systems. Several researchers [4], [5] warn that separating the SE activities from the system development engineering activities leads to an insecure system, because each group develops the secure IS to meet its own objective.

This paper proposes an integration model that interweaves all the process activities and deliverables of an SLPS with SE activities, taking IEEE/EIA 12207 as the example SLPS. Higginbotham and Maley [6] pointed out that by integrating the SE process into system development, developers can address acquirers’ concerns and acquirers can be satisfied with the quality of the security services offered. We developed such an integration model by improving upon a pre-established SE model and integrating it with IEEE/EIA 12207 through a Delphi analysis; thirty-three experts worked for over three months on the development of this model [7].

Instead of adopting a predefined SE model such as the Systems Security Engineering Capability Maturity Model (SSE-CMM) [8], we developed a new SE model for this study, because the objective was to provide integration guidelines covering as many of the SE activities applicable to a software development life cycle as possible. For this purpose it was important to gather all the SE activities, both managerial and technical, that have been identified in various studies into one overall SE model. This decision rests on the assumption that integrating the most effective SE activities into the software development life cycle will yield the most secure system technologically possible.

We expect the integration model to provide practical guidelines for the development of secure information systems. Such guidelines give stakeholders a better understanding of how the SLPS is related to the SE activities, thereby keeping conflicts to a minimum. This paper is organized as follows: in section II we briefly explain IEEE/EIA 12207, the SE approach and the SE model used for the integration; in section III we describe the Delphi analysis results and the integration model of IEEE/EIA 12207 and the SE approach. We conclude by assessing how this study contributes to security engineering research.

Section snippets

IEEE/EIA 12207

IEEE/EIA 12207, a Software Lifecycle Process Standard officially introduced in 1998, has become the de facto model for both industry and military software development projects in the United States [9], superseding both the previous military standard (MIL-STD-498) and the industry standard (ISO/IEC 12207). It defines the role of acquirer, supplier, developer, operator and

Results

The results of the analysis are shown in Figure 4 and Appendix A. Three issues were raised after our first round of Delphi analysis. First, noting that the questionnaire included only the primary processes of IEEE/EIA 12207, 21 experts suggested incorporating two of its non-primary processes, the organizational and supporting processes, which were not included in the first-round questionnaire. They argued that these two processes allow a more unambiguous mapping between the IEEE model and some of

Integration with other Security models

Although we developed the integration model on the basis of IEEE/EIA 12207, it can be generalized and integrated with other security models. Here we suggest general guidelines for such attempts. We believe that further studies in this area will enhance our knowledge of SE in system development.

Conclusion

This study has presented a model that integrates all the process activities and data items of IEEE/EIA 12207 with the security engineering activities of a pre-established SE model that synthesizes 25 SE activities [8]. We developed the integration model through a Delphi analysis with 33 software engineering, project management and security experts. In the course of the analysis we resolved a number of discrepancies and reached a high consensus on the model among the

References (23)

  • Friedman, B., Kahn, P. H. Jr., and Howe, D. C., “Trust online”, Communications of the ACM, Vol. 43(12), pp. 34–40, ...
  • Hinde, S., “Privacy and security — The drivers for growth of E-commerce”, Computers & Security, Vol. 17(6), pp. 475–478, ...
  • Talwatte, G., “E-commerce is key to global competitiveness — but is there anyone you can trust in the online world?”, ...
  • Baskerville, R., “The Developmental Duality of Information Systems Security”, Journal of Management Systems, Vol. 4(1), ...
  • Baskerville, R., “Information Systems Security Design Methods: Implications for Information Systems Development”, ACM ...
  • SSE-CMM Project, Systems Security Engineering Capability Maturity Model, Version 2.0, April 1999, ...
  • Higginbotham, M. D., Maley, J., Milheizler, A. J., and Suskie, B. J., “Integrating Information Security Engineering with System Engineering ...
  • Lee, Y., Lee, C., and Lee, Z., “A Study of Integrating the Security Engineering Process into the Software Lifecycle ...
  • IEEE, IEEE/EIA 12207 — Industry Implementation of International Standard ISO/IEC 12207, ...
  • Moore, J. W., “IEEE/EIA 12207 as the foundation for enterprise software processes”, Proceedings of 16th Annual Pacific ...
  • DoD, Trusted Computer System Evaluation Criteria, DoD-Std-5200.28, ...
Cited by (19)

  • Engineering secure systems: Models, patterns and empirical validation, 2018, Computers and Security

    Citation excerpt: In addition to guidelines for modeling security aspects, the framework offers verification based on a formal approach for the produced models (Grandy et al., 2006). In addition to the above approaches, Lee et al. (Lee et al., 2002; 2000) propose an integration model for integrating security engineering approaches into software lifecycle standards, mapping the concepts of the software lifecycle (IEEE 12207) to security engineering concepts (a set of concepts collected from various security engineering approaches (Lee et al., 2000)). The approach attempts to provide an understanding to stakeholders of where and when security activities intervene and interact with standard process lifecycle activities.

  • CIA-level driven secure SDLC framework for integrating security into SDLC process, 2022, Journal of Ambient Intelligence and Humanized Computing
  • Firefly Optimization Technique for Software Quality Prediction, 2022, Lecture Notes in Networks and Systems