Receive a 20% Discount on All Purchases Directly Through IGI Global's Online Bookstore.
Additionally, libraries can receive an extra 5% discount. Learn More

Special Offers
- Subscribe to the latest research through IGI Global's new InfoSci-OnDemand Plus
  InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000 peer-reviewed book chapters and 26,000+ scholarly journal articles covering 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.
  Subscribe
- Purchase the Encyclopedia of Information Science and Technology, Fourth Edition
  and Receive Complimentary E-Books of Previous Editions
  When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.
  Purchase
- Create a Free IGI Global Library Account to Receive a 25% Discount on All Purchases
  Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 4 and MARC records, and a 25% discount on all titles as well as the award-winning InfoSci^®-Databases.
  Sign Up Now!
- InfoSci^®-Journals Annual Subscription Price for New Customers: As Low As US$ 5,100
  This collection of over 175 e-journals offers unlimited access to highly-cited, forward-thinking content in full-text PDF and HTML with no DRM. There are no platform or maintenance fees and a guarantee of no more than 5% increase annually.
  Learn More
- Discounted Titles Only Available through IGI Global’s Online Bookstore
  Take 20% off all publications purchased directly through the IGI Global Online Bookstore.
  
  Shop Now
Books
Journals
InfoSci^®-Databases
Articles/Chapters
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - Researchers
  - Browse Books
  - Browse Journals
  - Streaming Videos
  - OnDemand Downloads
  - Webinars
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - Fair Use Policy
  - Copy Editing Service
  - FAQ
  - Distributors
  - Distributor Resources
  - Book Distributors
  - Journal Subscription Agencies
  - E-Resource Partners
Catalogs
About Us
Newsroom

State of Practice in Secure Software: Experts’ Views on Best Ways Ahead

Bill Whyte (Independent consultant, UK) and John Harrison (LanditD, UK)

Source Title: Software Engineering for Secure Systems: Industrial and Research Perspectives

DOI: 10.4018/978-1-61520-837-1.ch001

OnDemand PDF Download:

$30.00

List Price: $37.50

Abstract

The authors present a synthesis of expert views on some important actions to improve the state of practice in secure software. The main conclusions are: the skill base is lacking; business cases for security good practice are poorly developed: choosing between different ‘good practices’ is difficult; research will only have impact if compatible with the commercial environment of developers and their existent skills. The study is grounded on experiences as panel moderators, rapporteurs and report writers involved in drafting the views of experts. Some research directions are indicated.

Chapter Preview

Top

Background

Proper selection of methodology for acquiring, authoritative views in the area of applied technology is often insufficiently addressed, with a failure to employ research methods that are properly grounded, with issues such as ‘observation’ versus ‘theory’ [O’HEAR] not separated out. At worst, observation simply consists of an unrepresentative sampling of journal papers or online search, and theory simply the biased views of the enquirer, and in neither case with the investigator’s views subject to proper ‘closed-loop’ feedback. To avoid this as far as possible and although we do make use of open-loop sources, our findings are weighted towards first-hand encounters with a number of peer-reviewed activities involving experts in secure software development. In the course of these encounters we have sometimes been involved in drafting (and redrafting) reports summarizing consensus views on the subject. What is, and what is not, said, and the manner in which the discussions proceed during this consensus building, can give additional insight into the debate.

Prominent among these was participation in a UK Department of Trade and Industry (DTI) Global Watch Initiative, in January 2006 [GWM]. The Global Watch team comprised a small body of experts who met a wide range of influential academic and governmental representatives and senior staff in leading software companies in California and Washington State.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

State of Practice in Secure Software: Experts’ Views on Best Ways Ahead

Abstract

Background

Complete Chapter List