Software Security for Small Development Teams - A Case Study

Johannes Sametinger; Andreas Wiesauer; Michael Kainerstorfer

Software Security for Small Development Teams - A Case Study

Johannes Sametinger
, Andreas Wiesauer
, Michael Kainerstorfer

Institute of Business Informatics - Software Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

Abstract

Microsoft is developing wide-spread software solutions like the Windows operating system and the Office suite. In order to improve security of their products, they have introduced the Microsoft Security Development Lifecycle (MS-SDL). Ample documentation about the MS-SDL is available, thus, allowing other companies to adopt the lifecycle as well. We were wondering whether an adoption of the lifecycle is possible and useful for real small development teams, e.g., for a single developing person. In order to find out, we have done a practical test, i.e., we have used the MS-SDL for the development of a small, but real-world software project. The findings will be presented in this paper.

Original language	English
Title of host publication	13th International Conference on Integration and Web-based Applications & Services (iiWAS), 05.-07.12.11, Ho Chi Minh City, Vietnam
Number of pages	10
Publication status	Published - Dec 2011

Fields of science

102 Computer Sciences
102009 Computer simulation
102015 Information systems
102026 Virtual reality
102027 Web engineering
202022 Information technology
502050 Business informatics

Software Security
Sametinger, J. (PI)
01.01.2009 → 31.12.2026
Project: Other › Project from scientific scope of research unit

Cite this

@inproceedings{04a8f614800841c99a5680e429de2c40,

title = "Software Security for Small Development Teams - A Case Study",

abstract = "Microsoft is developing wide-spread software solutions like the Windows operating system and the Office suite. In order to improve security of their products, they have introduced the Microsoft Security Development Lifecycle (MS-SDL). Ample documentation about the MS-SDL is available, thus, allowing other companies to adopt the lifecycle as well. We were wondering whether an adoption of the lifecycle is possible and useful for real small development teams, e.g., for a single developing person. In order to find out, we have done a practical test, i.e., we have used the MS-SDL for the development of a small, but real-world software project. The findings will be presented in this paper.",

author = "Johannes Sametinger and Andreas Wiesauer and Michael Kainerstorfer",

year = "2011",

month = dec,

language = "English",

booktitle = "13th International Conference on Integration and Web-based Applications \& Services (iiWAS), 05.-07.12.11, Ho Chi Minh City, Vietnam",

}

Software Security for Small Development Teams - A Case Study. / Sametinger, Johannes; Wiesauer, Andreas; Kainerstorfer, Michael.
13th International Conference on Integration and Web-based Applications & Services (iiWAS), 05.-07.12.11, Ho Chi Minh City, Vietnam. 2011.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceedings › peer-review

TY - GEN

T1 - Software Security for Small Development Teams - A Case Study

AU - Sametinger, Johannes

AU - Wiesauer, Andreas

AU - Kainerstorfer, Michael

PY - 2011/12

Y1 - 2011/12

N2 - Microsoft is developing wide-spread software solutions like the Windows operating system and the Office suite. In order to improve security of their products, they have introduced the Microsoft Security Development Lifecycle (MS-SDL). Ample documentation about the MS-SDL is available, thus, allowing other companies to adopt the lifecycle as well. We were wondering whether an adoption of the lifecycle is possible and useful for real small development teams, e.g., for a single developing person. In order to find out, we have done a practical test, i.e., we have used the MS-SDL for the development of a small, but real-world software project. The findings will be presented in this paper.

AB - Microsoft is developing wide-spread software solutions like the Windows operating system and the Office suite. In order to improve security of their products, they have introduced the Microsoft Security Development Lifecycle (MS-SDL). Ample documentation about the MS-SDL is available, thus, allowing other companies to adopt the lifecycle as well. We were wondering whether an adoption of the lifecycle is possible and useful for real small development teams, e.g., for a single developing person. In order to find out, we have done a practical test, i.e., we have used the MS-SDL for the development of a small, but real-world software project. The findings will be presented in this paper.

M3 - Conference proceedings

BT - 13th International Conference on Integration and Web-based Applications & Services (iiWAS), 05.-07.12.11, Ho Chi Minh City, Vietnam

ER -

Software Security for Small Development Teams - A Case Study

Abstract

Fields of science

Projects

Software Security

Cite this