Skip to Main Content
Software today is critical in every domain of society and business and it is paramount that this software be secure. Traditionally, the disciplines of software engineering and security engineering have worked in separate silos, and when system requirements conflict with retrofitted security mechanisms, vulnerabilities result. We argue that security engineering and software engineering can be addressed together, and we propose an integrated model that aligns and entwines these processes. We present insights from applying this secure software engineering model in a software development project, and discuss implications for further research in secure software engineering.
Date of Conference: 4-7 May 2008