loading page

A SWOT Analysis of Software Development Life Cycle Security Metrics
  • +2
  • Rafiq Ahmad Khan,
  • Ayesha Khalid,
  • Mushtaq Raza,
  • Palwasha Afsar,
  • Hanif Ur Rehman
Rafiq Ahmad Khan
Northwestern Polytechnical University School of Software and Microelectronics

Corresponding Author:rafiqahmadk@gmail.com

Author Profile
Ayesha Khalid
Abdul Wali Khan University Mardan
Author Profile
Mushtaq Raza
Abdul Wali Khan University Mardan
Author Profile
Palwasha Afsar
Abdul Wali Khan University Mardan
Author Profile
Hanif Ur Rehman
Abdul Wali Khan University Mardan
Author Profile

Abstract

Cybersecurity is an ongoing and critical concern because of the constant and persistent threats from malicious actors such as hackers and crackers. The widespread use of software systems has revolutionized modern society in various aspects, but it has also brought forth new challenges in safeguarding sensitive and confidential information with the evolution of information and communication technology (ICT). Quantifying security measures can provide evidence to support decision-making in software security, especially when it comes to evaluating the security performance of software systems. This involves understanding the main quality criteria of security metrics, which can aid in building security metrology models based on practical requirements. To further explore this topic, this study conducted a systematic literature review of security metrics and measures in the context of Secure Software Development (SSD). The study selected 61 research studies based on specific inclusion and exclusion criteria and extracted data from the selected articles. The study identified 215 software security metrics, which were then categorized based on Software Development Life Cycle (SDLC) phases. To evaluate the effectiveness of the most commonly cited metrics in each phase, the study applied a SWOT analysis to highlight their strengths, weaknesses, opportunities, and threats. The findings of this study offer valuable guidance to diligent and motivated researchers to investigate emerging research trends and address existing gaps in Secure Software Development. Furthermore, this investigation provides software professionals with a more comprehensive understanding of security measurements, constraints, and open-ended specific and general issues.
04 Jun 2023Submitted to Journal of Software: Evolution and Process
05 Jun 2023Submission Checks Completed
05 Jun 2023Assigned to Editor
08 Jun 2023Reviewer(s) Assigned
23 Jun 2023Review(s) Completed, Editorial Evaluation Pending
24 Jul 2023Editorial Decision: Revise Major
27 Sep 20231st Revision Received
28 Sep 2023Submission Checks Completed
28 Sep 2023Assigned to Editor
05 Oct 2023Reviewer(s) Assigned
30 Oct 2023Review(s) Completed, Editorial Evaluation Pending
22 Sep 20242nd Revision Received
12 Oct 2024Submission Checks Completed
12 Oct 2024Assigned to Editor
25 Oct 2024Reviewer(s) Assigned
30 Oct 2024Review(s) Completed, Editorial Evaluation Pending
30 Oct 2024Editorial Decision: Accept