Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Lightweight Secure Development Process for Developers
Linköping University, Department of Computer and Information Science, Software and Systems.
Linköping University, Department of Computer and Information Science, Software and Systems.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesisAlternative title
En resurseffektiv säkerhetsprocess för utvecklare (Swedish)
Abstract [en]

Following a secure development process when developing software can greatly increase the security of the software. Several secure development processes have been developed and are available for companies and organizations to adopt. However, the processes can be expensive and complex to adopt in terms of expertise, education, time, and other resources.In this thesis, a software service, developed by a small IT-consulting company, was tested with security tools and manual code review to find security vulnerabilities. These vulnerabilities showed that there was room for security improvement in the software development life cycle. Therefore, a lightweight secure development process that can be used by developers, is proposed. The secure development process called Lightweight Developer-Oriented Security Process (LDOSP) is based on activities from other secure development processes and the choice of these activities were based on interviews with representatives of the IT-consulting company. The interviews showed that the process would need to be lightweight, time- and cost-efficient, and possible to be performed by a developer without extensive security experience. LDOSP contains 11 activities spread across different phases of the software development life cycle and an exemplification of the process was made to simplify the adoption of LDOSP.

Place, publisher, year, edition, pages
2019. , p. 67
Keywords [en]
computer security, security
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:liu:diva-158219ISRN: LIU-IDA/LITH-EX-A--19/047--SEOAI: oai:DiVA.org:liu-158219DiVA, id: diva2:1331307
Subject / course
Computer science
Supervisors
Examiners
Available from: 2019-06-27 Created: 2019-06-26 Last updated: 2019-06-27Bibliographically approved

Open Access in DiVA

fulltext(896 kB)44 downloads
File information
File name FULLTEXT01.pdfFile size 896 kBChecksum SHA-512
749f2520e7512bfa00fe49768efca5a7f8f9eb4214bb41b60659f6f53f8dfc6d841a3aae54cb4e7f83602334e2293c5c3ff2aa299c759ff18cb2cef5a0f5072a
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Hellström, JesperMoberg, Anton
By organisation
Software and Systems
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 44 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 159 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf