Meta-Modeling Based Secure Software Development Processes

Mehrez Essafi (University of Manouba, Tunisia) and Henda Ben Ghezala (University of Manouba, Tunisia)
DOI: 10.4018/978-1-4666-8473-7.ch024


This work proposes multilevel support for software developers, who often lack the knowledge and skills needed to develop secure software. Developing secure software is a hard and complex task that involves many additional security-dedicated activities. These activities are usually omitted in traditional software development lifecycles, or are integrated in some others but not deployed efficiently and appropriately. To federate all these software security-assurance activities in a structured way, and to provide the guidelines required for choosing and using them in a flexible development process, the authors used meta-modeling techniques and dynamic process execution that take into account the developer's affinities and the product's states. The proposed approach formalizes existing secure software development processes, allows integration of new ones, prevents ad-hoc executions, and is supported by a tool that facilitates its deployment. A case study is given to exemplify the application of the proposed approach and to illustrate some of its advantages.
Chapter Preview

According to McGraw’s book (2006), “The software security field is a relatively new one. The first book and academic class on the topic appeared in 2001 (Viega & McGraw 2001), demonstrating how recently developers, architects and computer scientists have started systematically studying how to build secure software. The field’s recent appearance is one reason why best practices are neither widely adopted nor obvious” (pp. 94).
