Skip to Main Content
The number of security errors and vulnerabilities can be reduced if a secure software development process (SSDP) is followed. Such a SSDP must cater for security aspects during each phase of development. In this paper, we present a new process that provides ways of addressing security concerns and incorporating security decisions throughout the software development process. Our process has two views: activity and artifact. The activity view presents development activities performed during requirements engineering, design, implementation, and assurance phases. The artifact view, on the other hand, identifies the relationships among the various SSDP artifacts that are produced during development.