ABSTRACT
DLR as research organization increasingly faces the task to share its self-developed software with partners or publish openly. Hence, it is very important to harden the softwares to avoid opening attack vectors. Especially since DLR software is typically not developed by software engineering or security experts. In this paper we describe the data-oriented approach of our new found secure software engineering group to improve the software development process towards more secure software. Therefore, we have a look at the automated security evaluation of software as well as the possibilities to capture information about the development process. Our aim is to use our information sources to improve software development processes to produce high quality secure software.
- Carina Haupt and Tobias Schlauch. 2017. The Software Engineering Community at DLR: How we got where we are, Neil Chue Hong, Stephan Druskat, Robert Haines, Caroline Jay, Daniel S. Katz, and Shoaib Sufi (Eds.). Proceedings of the Workshop on Sustainable Software for Science: Practice and Experiences (WSSSPE5.1). http://elib.dlr.de/114050/Google Scholar
- Victoria Stodden and Sheila Miguez. 2014. Best Practices for Computational Science: Software Infrastructure and Environments for Reproducible and Extensible Research. Journal of Open Research Software 2, 1 (jul 2014).Google ScholarCross Ref
Index Terms
- DLR secure software engineering: position and vision paper
Recommendations
Exploring Security Procedures in Secure Software Engineering: A Systematic Mapping Study
EASE '22: Proceedings of the 26th International Conference on Evaluation and Assessment in Software EngineeringVarious new technologies have developed as software security solutions have become more critical. One of the essential parts of software quality is the product's security. Though providing examples covering all phases of secure software development is ...
Security by Design in Software Engineering
Security is a non-functional requirement difficult-to-handle during software development. However, it appears to be common in software engineering, that security is taken care of during the design- and test-phase only. If security is neglected during ...
Secure software engineering teaching modules
InfoSecCD '06: Proceedings of the 3rd annual conference on Information security curriculum developmentWe are designing a course in secure software engineering that will teach students how to incorporate security throughout the software development lifecycle. The class will serve as a capstone for a new graduate certificate in secure software ...
Comments