SECURE SOFTWARE DEVELOPMENT LIFECYCLE: A CASE FOR ADOPTION IN SOFTWARE SMES

Abstract

Software is widely deployed and used for managing critical daily domestic, social, and economic activities. Due to software’s economic value, software is a high-value target of malicious actors and a primary source of many information security vulnerabilities. Software must be engineered to be secure because of its value. Traditional approaches to software security treat software as an addon and have been proven inadequate at producing secure software. Practicing the secure software development lifecycle (SSDLC) is recommended in academic literature. Software SMEs must adopt and practice the SSDLC for increased security of published software. This paper explores the SSDLC and makes a case for its adoption with the goal of informing security decision-makers of Software SMEs.