To see the other types of publications on this topic, follow the link: Software product security.
Journal articles on the topic 'Software product security'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Software product security.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Rasheed, Hassan. "Vulnerability distribution scoring for software product security assessment." International Journal of Information and Computer Security 6, no. 3 (2014): 270. http://dx.doi.org/10.1504/ijics.2014.066653.
Full text
2
Mellado, Daniel, Eduardo Fernández-Medina, and Mario Piattini. "Security requirements engineering framework for software product lines." Information and Software Technology 52, no. 10 (2010): 1094–117. http://dx.doi.org/10.1016/j.infsof.2010.05.007.
Full text
3
Hussain, Shariq, Haris Anwaar, Kashif Sultan, et al. "Mitigating Software Vulnerabilities through Secure Software Development with a Policy-Driven Waterfall Model." Journal of Engineering 2024 (February 21, 2024): 1–15. http://dx.doi.org/10.1155/2024/9962691.
Full textAbstract:
For the past few years, software security has become a pressing issue that needs to be addressed during software development. In practice, software security is considered after the deployment of software rather than considered as an initial requirement. This delayed action leads to security vulnerabilities that can be catered for during the early stages of the software development life cycle (SDLC). To safeguard a software product from security vulnerabilities, security must be given equal importance with functional requirements during all phases of SDLC. In this paper, we propose a policy-driven waterfall model (PDWM) for secure software development describing key points related to security aspects in the software development process. The security requirements are the security policies that are considered during all phases of waterfall-based SDLC. A framework of PDWM is presented and applied to the e-travel scenario to ascertain its effectiveness. This scenario is a case of small to medium-sized software development project. The results of case study show that PDWM can identify 33% more security vulnerabilities as compared to other secure software development techniques.
4
Zhang, Zan, Guofang Nan, and Yong Tan. "Cloud Services vs. On-Premises Software: Competition Under Security Risk and Product Customization." Information Systems Research 31, no. 3 (2020): 848–64. http://dx.doi.org/10.1287/isre.2019.0919.
Full textAbstract:
Because of its on-demand feature and flexible pay-as-you-go mechanism, cloud service dramatically reduces the up-front information technology expenses that may deter many clients from implementing on-premises software. The associated security risks and low customization capability, however, create challenges for the adoption of cloud service. We study the competitive implications of security risks and customization capability on consumer purchase choices and vendors’ pricing and investment strategies. Although cloud services are perceived to be more vulnerable to cyberattack, our results demonstrate that in high-security-loss environments, using cloud service yields a lower average expected loss for consumers as compared with on-premises software. By endogenizing vendors’ investment decisions, our investigation highlights that the cloud vendor does not necessarily economically benefit from investing in addressing cloud security, especially in low-security-loss environments. We also find that the on-premises vendor’s security and customization investments act as strategic substitutes in low-security-loss environments and, under certain conditions, complement in high-security-loss environments. We further examine welfare-maximizing security investments and find that the socially optimal investment requires greater effort to improve cloud security in low-security-loss environments and to improve on-premises software security in high-security-loss environments.
5
Rianat Abbas, Sunday Jacob Nwanyim, Joy Awoleye Adesina, Augustine Udoka Obu, Adetomiwa Adesokan, and Jeremiah Folorunso. "Secure by design - enhancing software products with AI-Driven security measures." Computer Science & IT Research Journal 6, no. 3 (2025): 184–200. https://doi.org/10.51594/csitrj.v6i3.1880.
Full textAbstract:
As cyber threats continue to evolve in scale and complexity, traditional reactive security measures no longer suffice. This study explores the integration of AI-driven security within the Secure by Design framework as a forward-looking approach to building inherently secure digital products across industries. Rather than treating security as an afterthought, Secure by Design embeds protective mechanisms—such as encryption, predictive analytics, and real-time threat detection—throughout the product development lifecycle. This research employs quantitative design, surveying 203 professionals from sectors including finance, software development, agriculture, and construction. It investigates the adoption, effectiveness, and challenges of AI-powered security measures, using machine learning algorithms to analyze key security features. The findings reveal that encryption, predictive security, and automated response systems are the most impactful components in strengthening product security. The model achieved a strong performance with an accuracy of 79%, though challenges such as false positives and integration complexity persist. Despite growing awareness, many organizations still address security reactively, with only 14.8% incorporating it during the design phase. Barriers such as limited awareness, cost, and complexity continue to slow adoption. However, 74.9% of respondents express openness to deeper AI integration in future product developments, highlighting optimism about its potential. This study reinforces the need for a proactive shift in security practices, where AI not only supports real-time threat detection but also future-proofs products in an increasingly hostile cyber landscape. By embedding AI into the design phase, organizations can reduce attack surfaces, comply with regulatory demands, and build stakeholder trust. Future research should explore industry-specific implementations, autonomous AI systems in low-tech environments, and the scalability of cross-sector security frameworks. Keywords: Secure by Design, AI-Driven Security, Encryption, Predictive Threat Detection, Machine Learning, Product Development.
6
Peldszus, Sven, Daniel Strüber, and Jan Jürjens. "Model-based security analysis of feature-oriented software product lines." ACM SIGPLAN Notices 53, no. 9 (2020): 93–106. http://dx.doi.org/10.1145/3393934.3278126.
Full text
7
Mellado, Daniel, Eduardo Fernández-Medina, and Mario Piattini. "Towards security requirements management for software product lines: A security domain requirements engineering process." Computer Standards & Interfaces 30, no. 6 (2008): 361–71. http://dx.doi.org/10.1016/j.csi.2008.03.004.
Full text
8
Raschke, Wolfgang, Massimiliano Zilli, Philip Baumgartner, Johannes Loinig, Christian Steger, and Christian Kreiner. "Balancing Product and Process Assurance for Evolving Security Systems." International Journal of Secure Software Engineering 6, no. 1 (2015): 47–75. http://dx.doi.org/10.4018/ijsse.2015010103.
Full textAbstract:
At present, security-related engineering usually requires a big up-front design (BUFD) regarding security requirements and security design. In addition to the BUFD, at the end of the development, a security evaluation process can take up to several months. In today's volatile markets customers want to be able to influence the software design during the development process. Agile processes have proven to support these demands. Nevertheless, there is a clash between traditional security design and evaluation processes. In this paper, the authors propose an agile security evaluation method for the Common Criteria standard. This method is complemented by an implementation of a change detection analysis for model-based security requirements. This system facilitates the agile security evaluation process to a high degree. However, the application of the proposed evaluation method is limited by several constraints. The authors discuss these constraints and show how traditional certification schemes could be extended to better support modern industrial software development processes.
9
Lienkov, Serhii, Volodymyr Dzhuliy, Oleksandr Yavorskyi, and Kostyantyn Zatsepin. "Information security model of functioning software." Smart technologies: Industrial and Civil Engineering 2, no. 15 (2024): 31–45. https://doi.org/10.32347/st.2024.2.1202.
Full textAbstract:
The paper systematizes the models of reliable and safe functioning of the software. As a result of the research, three types of models were identified: analytical; statistical; empirical. A number of the most frequently used models are considered, and their disadvantages and advantages are highlighted from the point of view of solving the problem of describing the safe functioning of a software product and recognizing malicious software. According to the results of the research, the considered models have advantages in terms of the simplicity of their practical implementation, but at the same time, the following disadvantages are highlighted: some of the considered models require a large amount of computing resources when implemented - for security analysis and accumulation of archival data; the use of statistical and probabilistic models of assumptions that the intensity of attacks/failures or the number of errors in software have a pre-known distribution (binomial, standard or Poisson), which is not always true for real processes and systems; there is no division into software failures and failures due to cyber attacks, zero-day vulnerabilities are also not taken into account; memory accesses of the investigated software are not analyzed, which could provide important information about its legitimacy or the presence of malicious functions; none of the considered models provides a comprehensive representation of the process of software functioning, including, there is no analysis from the information security side. The task of recognizing malicious software is becoming more and more relevant and difficult every year in connection with the digitalization of human activities and the use of software for the execution of business logic and technical processes in complex systems. As a result, the larger the volume of software in the system, the more errors there are potentially, and due to the connection of modern systems to the Internet, the software is often distributed over the network, which allows attackers to create new vectors of cyber attacks on systems. The proposed model of safe functioning of the software product should eliminate the shortcomings inherent in the considered models. The proposed model eliminates the mentioned shortcomings due to the fact that it takes into account the characteristic features of the manifestation of malicious software on devices, namely the impact of malicious software on the computing resources of the system and working with RAM. This allows the developed model to take into account both the reliability of software operation and security. In terms of the model, the criteria for the safe functioning of the software are formulated, it is concluded that for the most effective implementation of such a model in practice, a hypervisor should be used.
10
Nazarenko, M. A., A. I. Gorobets, D. V. Miskov, V. V. Muravyev, and A. S. Novikov. "ANTIVIRUS SOFTWARE AND INDUSTRIAL CYBER SECURITY SYSTEM CERTIFICATION IN RUSSIA." Russian Technological Journal 7, no. 1 (2019): 48–56. http://dx.doi.org/10.32362/2500-316x-2019-7-1-48-56.
Full textAbstract:
The article is dedicated to issues in certification of antivirus software and industrial cyber security systems. It was shown that certification time in Russia is much longer than in the USA, European Union and Germany. The life time and the development time of products of this field were analyzed in the article. Each variable was specified for new products and for new versions of existing products. Some statistical methods were used in the article: Cronbach’s alfa, t-statistics, and median value similarity that are typical for the articles in quality management. As a result, it was found that certification time in Russia for industrial cyber security systems is significantly longer than in other analyzed countries, up to three-fold. Product development and life time are also longer. However, the most important result is that certification in Russia adds from 32.1 to 40 percent of time to the development of a new version or a new product, correspondingly, whereas in other investigated countries these numbers are about 17 percent. Reduction of certification time will increase new product development efficiency in the field of cyber security, which will improve positions of Russian products at the international mark et.
11
Mellado, D., E. Fernandez-Medina, and M. Piattini. "Applying a Security Domain Requirements Engineering Process for Software Product Lines." IEEE Latin America Transactions 6, no. 3 (2008): 298–305. http://dx.doi.org/10.1109/tla.2008.4653861.
Full text
12
Spafford, Eugene. "Hacker Challenges in Security Product Testing." EDPACS 23, no. 11 (1996): 14–16. http://dx.doi.org/10.1080/07366989609451392.
Full text
13
Savola, Reijo, Christian Frühwirth, and Ari Pietikäinen. "Risk-Driven Security Metrics in Agile Software Development - An Industrial Pilot Study." JUCS - Journal of Universal Computer Science 18, no. (12) (2012): 1679–702. https://doi.org/10.3217/jucs-018-12-1679.
Full textAbstract:
The need for effective and efficient information security solutions is steadily increasing in the software industry. Software and system developers require practical and systematic approaches to obtain sufficient and credible evidence of the security level in the system under development in order to guide their efforts and ensure the efficient use of resources. We present experiences of developing and using hierarchical security metrics and measurements in an industrial pilot study at Ericsson Finland. The pilot focused on risk-driven security design and implementation in the context of an Agile software development process. The pilot target was a well-established telecommunications product of Ericsson and a core component in modern mobile networks. The results of the study demonstrate the practical potential of risk-driven security metrics, particularly in offering some early visibility of security effectiveness and efficiency. Hierarchical metrics models enable the linking of security objectives with detailed measurements. Security metrics visualization was found to play a crucial role in increasing the manageability of metrics. We also found that the practical means of managing larger collections of metrics and measurements are more essential than individual security metrics. A major challenge in the use of risk-driven security metrics is the lack of evidence for security effectiveness evidence in the early phases of product development and Risk Analysis, when the needs for it are at their greatest.
14
Dziatkovskii, Anton, and Uladzimir Hryneuski. "The possibilities of ensuring the security of the software product in the conditions of unauthorized access." Economic Annals-ХХI 189, no. 5-6(1) (2021): 90–100. http://dx.doi.org/10.21003/ea.v189-09.
Full textAbstract:
Ensuring the security of a software product in the conditions of large companies, taking into account confidential financial and corporate data, is quite an urgent topic in 2021-2023. Over the past year, the number of leaks of confidential information reached a historic peak, together with cyber attacks, and amounts to 114 identified cases. In modern conditions, software security testing is aimed at identifying security errors and design flaws at all stages of the software development lifecycle. At the same time, at the design stage, this type of work should be provided in order to facilitate the implementation of these characteristics in the final version of the security-related system. Research has shown that there is a wide range of opportunities for developing and using security testing software. These options may differ in implementation technologies, cost and other tactical and technical indicators, characteristics of individual elements, and so on. The main task of developing a software security testing method is to develop, improve and select models, methods and tools that belong to a subset and provide maximum software security indicators. Our approach allows us to prevent any penetration into the information system, while maintaining 100% security of confidential files and the system as a whole. The threat prevention model works with the help of proactive technology, and if you calculate the economic effect of these measures, it can be different, depending on the value of the enterprise’s information itself, and can also be calculated in millions of US dollars. The reliability of the results of mathematical modelling of technologies for creating and implementing «penetration testing» tools is evaluated. The experimental results showed that for all the studied data types, the confidence probability that the value of the statistical value «does not deviate» from the mathematical expectation by more than 1 is 0.94.
15
Njuki, Jane Wanjiru, Geoffrey Muchiri Muketha, and John Gichuki Ndia. "An Extended Security Measurement Framework for Open-Source Enterprise Resource Planning Software Security." International Journal of Network Security & Its Applications 14, no. 5 (2022): 51–63. http://dx.doi.org/10.5121/ijnsa.2022.14505.
Full textAbstract:
Modern organizations are adopting new ways of measuring their level of security for compliance and justification of security investments. The highly interconnected environment has seen organizations generate lots of personal information and sensitive organizational data. Easiness in automation provided by open-source enterprise resource planning (ERP) software has accelerated its acceptability. The study aimed at developing a security measurement framework for open-source ERP software. The motivation was twofold: paradigm shift towards open-source ERP software and the need for justified investment on information security. Product quality evaluation method based on ISO 25010 framework guided the selection of attributes and factors. A security measurement framework with security posture at the highest level, attributes and factors was developed presenting a mechanism for assessing organization’s level of security. Security posture promotes customers’ confidence and gives management means to leverage resources for information security investment. The future work includes definition of metrics based on the framework.
16
Jane, Wanjiru Njuki, Muchiri Muketha Geoffrey, and Gichuki Ndia John. "AN EXTENDED SECURITY MEASUREMENT FRAMEWORK FOR OPEN-SOURCE ENTERPRISE RESOURCE PLANNING SOFTWARE SECURITY." International Journal of Network Security & Its Applications (IJNSA) 14, no. 5 (2022): 51–63. https://doi.org/10.5281/zenodo.7251190.
Full textAbstract:
Modern organizations are adopting new ways of measuring their level of security for compliance and justification of security investments. The highly interconnected environment has seen organizations generate lots of personal information and sensitive organizational data. Easiness in automation provided by open-source enterprise resource planning (ERP) software has accelerated its acceptability. The study aimed at developing a security measurement framework for open-source ERP software. The motivation was twofold: paradigm shift towards open-source ERP software and the need for justified investment on information security. Product quality evaluation method based on ISO 25010 framework guided the selection of attributes and factors. A security measurement framework with security posture at the highest level, attributes and factors was developed presenting a mechanism for assessing organization’s level of security. Security posture promotes customers’ confidence and gives management means to leverage resources for information security investment. The future work includes definition of metrics based on the framework.
17
Kelin, A. R. Darshika, B. Nagarajan, Sasikumar Rajendran, and Muthumari S. "Automatic Bug Classification System to Improve the Software Organization Product Performance." International Journal of Sociotechnology and Knowledge Development 14, no. 1 (2022): 1–17. http://dx.doi.org/10.4018/ijskd.310066.
Full textAbstract:
Consistently, many bugs are raised, which are not completely settled, and countless designers are utilizing open sources or outsider assets, which prompts security issues. Bug-triage is the impending mechanized bug report framework to appoint individual security teams for a more than adequate pace of bug reports submitted from various IDEs inside the association (on-premises). We can lessen the time and cost of bug following and allocate it to the fitting group by foreseeing which division it has a place in within an association. In this paper, the authors are executing an automatic bug tracking system (ABTS) to allocate the group for the revealed bug involving the text examination for bug naming and characterization AI calculation for anticipating designer. Hybrid natural language processing and machine learning techniques are used for automatic bug identification to improve the performance of software organization products.
18
Oleh Polihenko, Roman Odarchenko, and Sergiy Gnatyuk. "ENTERPRISE INFORMATION SECURITY MANAGEMENT SYSTEM BASED ON THE MODERN OBFUSCATION TECHNIQUE FOR MOBILE NETWORK OPERATORS." European Cooperation 3, no. 47 (2020): 43–52. http://dx.doi.org/10.32070/ec.v3i47.89.
Full textAbstract:
In today's realities, with constantly developing information technologies (IoT, 5G, Big Data, Cloud technologies, etc.), software protection is an urgent issue in the field of information security for each small, medium, or big enterprise. Also, software protection is a very important task for such enterprises, as mobile network operators, which, in order to ensure leadership in the market, produce a large number of modern unique software products for their own needs. Moreover, the software is the intellectual property of the enterprises, which developed it. The software is the intellectual property of both large corporations and small companies. The low reliability of software protection for enterprises is associated with a rather complex and time-consuming process, as well as with a number of technical limitations, which contributes to the thriving of computer piracy, inflicts colossal losses on IT companies and, of course, the state as a whole. Therefore, the development of a new effective method of software protection, for the moment, is a priority in the field of information security, and new methods and techniques of software protection are needed for all specialized companies, which develop paid software. Nowadays there are many different approaches to solving this problem. These are encryption, watermarking, etc., but no one gives guaranteed results. That's why modern companies engaged in software development, should provide their customers with a more secure information product. In this paper, the authors have provided the improved, more effective obfuscation method, based on a new sequence of obfuscation transformations. This method allows providing software protection of the enterprises from reverse engineering. To ensure the effectiveness of the proposed method, the authors have developed a special software product, based on cycles of operation and the creation of pseudocode to protect other software products. In the process of writing this article, studies were conducted that showed the following results. The product has become approximately 1.4 times more secure, and the obfuscation rate has increased by 10 percent. Based on the foregoing, the developed method can be followed to complicate the decoding process of existing software products used in various enterprises. In the future, it is planned to implement additional obfuscation transformations, as well as a comparative analysis with existing obfuscation programs.
19
Семенов, С. Г., Чжан Ліцзян, Цао Вейлінь, and В. В. Давидов. "Development of protecting a software product mathematical model from unlicensed copying based on the GERT method." Системи обробки інформації, no. 1(164) (March 17, 2021): 73–82. http://dx.doi.org/10.30748/soi.2021.164.08.
Full textAbstract:
The subject of the research is methods and algorithms for developing the GERT networks that provide a hidden transition along the branches of the control logic graph and the ability to encode digital watermarks in the context of existing threats to the licensing security of software systems. The aim of the work is to develop a system of a software product licensed security based on hidden transition algorithms in GERT networks that carry the properties of digital watermarks. The article solves the following goal: development of a model of a software licensed security system based on the developed algorithms using GERT networks. Methods of mathematical modeling, numerical experiment, complexity theory and cryptography are used. The following results were obtained: on the basis of the analysis of existing models for ensuring software licensed security, the main requirements for the algorithms synthesized within the framework of the developed model, as well as for the machine implementation of the algorithm, were identified. Based on the investigation of existing watermark systems, methods of attack on them, as well as the requirements put forward for the developed model, a licensing security algorithm was formed based on the watermark system. Conclusions: for the first time, algorithms for safe transition in GERT-networks were developed, which are used as a graph of the control logic of a software product. This logic is implemented depending on the identification or serial number; a model of a licensed security system has been developed, which has not only empirical, but also theoretical substantiation of resistance to attacks by an intruder.
20
Castro, Thiago, Leopoldo Teixeira, Vander Alves, Sven Apel, Maxime Cordy, and Rohit Gheyi. "A Formal Framework of Software Product Line Analyses." ACM Transactions on Software Engineering and Methodology 30, no. 3 (2021): 1–37. http://dx.doi.org/10.1145/3442389.
Full textAbstract:
A number of product-line analysis approaches lift analyses such as type checking, model checking, and theorem proving from the level of single programs to the level of product lines. These approaches share concepts and mechanisms that suggest an unexplored potential for reuse of key analysis steps and properties, implementation, and verification efforts. Despite the availability of taxonomies synthesizing such approaches, there still remains the underlying problem of not being able to describe product-line analyses and their properties precisely and uniformly. We propose a formal framework that models product-line analyses in a compositional manner, providing an overall understanding of the space of family-based, feature-based, and product-based analysis strategies. It defines precisely how the different types of product-line analyses compose and inter-relate. To ensure soundness, we formalize the framework, providing mechanized specification and proofs of key concepts and properties of the individual analyses. The formalization provides unambiguous definitions of domain terminology and assumptions as well as solid evidence of key properties based on rigorous formal proofs. To qualitatively assess the generality of the framework, we discuss to what extent it describes five representative product-line analyses targeting the following properties: safety, performance, dataflow facts, security, and functional program properties.
21
Iuganson, Andrei, and Danil Zakoldaev. "Approach to assessment of firmware security under fuzzy input data." Vestnik of Astrakhan State Technical University. Series: Management, computer science and informatics 2020, no. 1 (2020): 50–56. http://dx.doi.org/10.24143/2072-9502-2020-1-50-56.
Full textAbstract:
The article highlights the issues of security and software security, which turn to be secondary in the design and development of software tools in order to please the speedy launch 
 of the software product on the market. Due to the fact that the cost of eliminating security defects is higher in the late stages of design, the scientific problem of assessing software security under high uncertainty has been considered. The functional requirements for security of the firmware are given. A new approach is proposed for assessing the firmware security. The subject of research is a firmware designed to control various devices and microcontrollers. Based on GOST R 56939-2016 “Information security. Secure software development. General requirements” there have been developed the security requirements (qualitative and quantitative) for the embedded software, the assessment of which allows determining the level of security of the firmware as a whole. The fuzzy logic apparatus was used to optimize the assessment process in conditions of possible uncertainty, inconsistency, incompleteness and qualitative nature of the input data. The proposed method will help minimize the economic risks at the stages of operation and maintenance of embedded systems.
22
Rindell, Kalle, Sami Hyrynsalmi, and Ville Leppänen. "Case Study of Agile Security Engineering." International Journal of Secure Software Engineering 8, no. 1 (2017): 43–57. http://dx.doi.org/10.4018/ijsse.2017010103.
Full textAbstract:
Security concerns are increasingly guiding both the design and processes of software-intensive product development. In certain environments, the development of the product requires special security arrangements for development processes, product release, maintenance and hosting, and specific security-oriented processes and governance. Integrating the security engineering processes into agile development methods can have the effect of mitigating the agile methods' intended benefits. This article describes a case of a large ICT service provider building a secure identity management system for a sizable government agency. The project was a subject to strict security regulations due to the end product's critical role. The project was a multi-team, multi-site, standard-regulated security engineering and development work executed following the Scrum framework. The study reports the difficulties in combining security engineering with agile development, provides propositions to enhance Scrum for security engineering activities. Also, an evaluation of the effects of the security work on project cost presented.
23
Zhukovskaya, I. E. "Today’s Trends of Software Product Import-Substitution in Conditions of Economy Digitalization." Vestnik of the Plekhanov Russian University of Economics, no. 3 (May 23, 2024): 173–81. http://dx.doi.org/10.21686/2413-2829-2024-3-173-181.
Full textAbstract:
Today software import-substitution in spheres and sectors of Russian economy is a priority trend in state programs being realized in the Russian Federation. The author analyzed governmental decisions concerning software import-substitution, studied software introduced in substituting foreign software at enterprises of Russian economy, showed its developers and prospects of its development. Apart from that, the article underlined that by 2025 according to state programs home-made software shall be used by organizations related to entities of critical information infrastructure such as banking sector, missile and space industry, military-industrial complex, nuclear and mining industry, public health service, science, iron-and-steel making and chemicals industry. At the same time import-substitution policy in general promotes upgrading of the payments balance structure, development of the academic sector and innovation technologies, growth in effective communication with developers of economic projects, where software is functioning, increase in the level and diversity of means and methods of information security, technological independence, population employment, cutting risks and raising competitiveness of industries and sectors of Russian economy. In line with numerous positive moments import-substitution policy demonstrates such drawback as closeness from some innovation of global economy. However, in conditions of sanctions the development of our own software, its efficient use in economic entities can provides cyber-security and technological independence.
24
George, Sam, and K. David. "Security Strategies for Safe Dataand Content Access in OperationalModules of Product DataManagement Software." Journal of Cyber Security and Mobility 7, no. 1 (2018): 87–94. http://dx.doi.org/10.13052/jcsm2245-1439.717.
Full text
25
August, Terrence, Duy Dao, and Kihoon Kim. "Market Segmentation and Software Security: Pricing Patching Rights." Management Science 65, no. 10 (2019): 4575–97. http://dx.doi.org/10.1287/mnsc.2018.3153.
Full textAbstract:
The patching approach to security in the software industry has been less effective than desired. One critical issue with the status quo is that the endowment of “patching rights” (the ability for a user to choose whether security updates are applied) lacks the incentive structure to induce better security-related decisions. However, producers can differentiate their products based on the provision of patching rights. By characterizing the price for these rights, the optimal discount provided to those who relinquish rights and have their systems automatically updated in a timely manner, and the consumption and protection strategies taken by users in equilibrium as they strategically interact because of the security externality associated with product vulnerabilities, it is shown that the optimal pricing of these rights can segment the market in a manner that leads to both greater security and greater profitability. This policy greatly reduces unpatched populations and has a relative hike in profitability that is increasing in the extent to which patches are bundled together. Social welfare may decrease when automated patching costs are small because strategic pricing contracts usage in the market and also incentivizes loss-inefficient choices. However, welfare benefits when the policy either (1) greatly expands automatic updating in cases in which it is minimally observed or (2) significantly reduces the patching process burden of those who most value the software. This paper was accepted by Anandhi Bharadwaj, information systems.
26
Rozhnova, Tatyana, Valeriia Tomachynska, and Denis Korsun. "Life cycle models, principles and methodologies of software development." InterConf, no. 28(137) (December 20, 2022): 394–401. http://dx.doi.org/10.51582/interconf.19-20.12.2022.040.
Full textAbstract:
The development of software security in today's IT companies is considered in this article. The discussion focuses on the software life cycle, its models used to create a product, as well as the main principles and methodologies of software development, their key advantages and disadvantages. The optimum areas of using methodologies to achieve quality standards are investigated.
27
Yevhenii, Ivanchenko. "Fundamental Principles of Cybersecurity in The Software Testing Process." American Journal of Engineering and Technology 07, no. 04 (2025): 105–12. https://doi.org/10.37547/tajet/volume07issue04-14.
Full textAbstract:
The study examines the principles of ensuring cybersecurity during software testing. The focus is placed on the fact that testing should not be limited to validation checks but must also incorporate risk assessment, compliance with standards, and early-stage vulnerability analysis throughout the software development lifecycle. The study reviews key regulatory requirements (GDPR, HIPAA, PCI DSS, ISO/IEC 27001, NIST Cybersecurity Framework) and analyzes their impact on testing strategies and quality control processes. Special attention is given to the CIA triad (confidentiality, integrity, and availability) and proactive incident planning. The necessity of integrating automated tools (SAST/DAST, SIEM, RPA, etc.) and artificial intelligence algorithms is substantiated to optimize protection procedures and enhance vulnerability detection efficiency. The conclusions emphasize that achieving a high level of product resilience is only possible through the close alignment of security requirements with test scenarios and the continuous refinement of testing methodologies. The findings presented in this study will be of interest to researchers and professionals in information security, software testing specialists, and developers seeking to integrate advanced methods into the protection of information assets.
28
M, Savitha, and Dr Nagaraj G. Cholli. "Agile Methodologies In The Automotive Industry: A Comprehensive Survey." IOSR Journal of Mechanical and Civil Engineering 21, no. 5 (2024): 30–35. http://dx.doi.org/10.9790/1684-2105023035.
Full textAbstract:
The automotive industry is undergoing a major transformation driven by trends such as autonomous driving, connectivity, electrification, and rapid digitalization. This results in embracing agile software development practices and new digital architectures to accelerate development cycles and manage increasing complexity. This paper discusses the insights on the agile methodologies into automotive software procedures, extending agility beyond software units , integrating agile with product lines, addressing security concerns, and constructing advanced digital platforms for automotive systems also assessment models like ASPLA (Agile Software Product Line Adoption) for agile adoption in software product lines, and future research directions towards realizing the vision of intelligent, self-driving, connected vehicles through continuous evolutions in agile-based development processes, digital architectures complying with quality standards, cross-domain collaborations, and empirical validations
29
Oluwasanmi, Raphael Kolawole. "Managing Scope Creeps in Product Led Software-Based Organizations." Advances in Multidisciplinary & Scientific Research Journal Publication 12, no. 1 (2024): 75–84. http://dx.doi.org/10.22624/aims/digital/v12n1p6.
Full textAbstract:
Scope creep presents a significant challenge for project managers throughout the project lifecycle. It can lead to budget overruns and schedule delays. This paper explores how project managers, especially those in software development organizations can effectively manage and prevent scope creep during project execution. It delves into the various factors that can contribute to changes in a project's scope and the resulting impacts. Historically, project management has placed more emphasis on cost, time, and performance, with less attention given to scope change management. This paper presents multiple solutions for addressing scope creep. One proposed solution involves establishing a contract to freeze the project's scope during the planning phase. While this approach effectively prevents scope changes, it may not be feasible for many projects. Another suggestion, put forth by T.J. Jach and J.R. Coat in their work "Managing the Change Process on Projects: A Step-by-Step Guide," is to incorporate "escape clauses" into project plans. These clauses involve predetermined procedures and utilize cost- benefit analysis to determine when and if a scope change is necessary. This method offers a structured approach for evaluating the potential impacts of scope changes and can be quite effective. (Jayalath & Somarathna, 2021) Keyword: Scope Creep, Customer Satisfaction, Perception, Expectations, Uncertainty, Security, Software, Expectations
30
Giarratana, Marco S., and Andrea Fosfuri. "Product Strategies and Survival in Schumpeterian Environments: Evidence from the US Security Software Industry." Organization Studies 28, no. 6 (2007): 909–29. http://dx.doi.org/10.1177/0170840607075267.
Full textAbstract:
This paper seeks to explore the drivers of survival in environments characterized by high rates of entry and exit, fragmented market shares, rapid pace of product innovation and proliferation of young ventures. The paper aims to underscore the role played by post-entry product strategies, along with their interaction, after carefully controlling for `at entry' factors and demographic conditions. Based on a population of 270 firms that entered the US security software industry between 1989 and 1998, we find evidence that surviving entities are those that are more aggressive in the adoption of versioning and portfolio broadening strategies. In particular, focusing on any one of these two strategies leads to a higher probability of survival as opposed to adopting a mixed strategy.
31
Abunadi, Ibrahim, and Mamdouh Alenezi. "An Empirical Investigation of Security Vulnerabilities within Web Applications." JUCS - Journal of Universal Computer Science 22, no. (4) (2016): 537–51. https://doi.org/10.3217/jucs-022-04-0537.
Full textAbstract:
Building secure software is challenging, time-consuming, and expensive. Software vulnerability prediction models that identify vulnerable software components are usually used to focus security efforts, with the aim of helping to reduce the time and effort needed to secure software. Existing vulnerability prediction models use process or product metrics and machine learning techniques to identify vulnerable software components. Cross-project vulnerability prediction plays a significant role in appraising the most likely vulnerable software components, specifically for new or inactive projects. Little effort has been spent to deliver clear guidelines on how to choose the training data for project vulnerability prediction. In this work, we present an empirical study aiming at clarifying how useful cross-project prediction techniques are in predicting software vulnerabilities. Our study employs the classification provided by different machine learning techniques to improve the detection of vulnerable components. We have elaborately compared the prediction performance of five well-known classifiers. The study is conducted on a publicly available dataset of several PHP open-source web applications in the context of cross-project vulnerability prediction, which represents one of the main challenges in the vulnerability prediction field.
32
Valdés-Rodríguez, Yolanda, Jorge Hochstetter-Diez, Jaime Díaz-Arancibia, and Rodrigo Cadena-Martínez. "Towards the Integration of Security Practices in Agile Software Development: A Systematic Mapping Review." Applied Sciences 13, no. 7 (2023): 4578. http://dx.doi.org/10.3390/app13074578.
Full textAbstract:
Software development must be based on more than just the experience and capabilities of your programmers and your team. The importance of obtaining a quality product lies in the risks that can be exploited by software vulnerabilities, which can jeopardize organizational assets, consumer confidence, operations, and a broad spectrum of applications. Several methods, techniques, and models have been suggested and developed to address software security. However, only a few have solid evidence for creating secure software applications. The main objective of this paper is to survey the literature for methods or models suitable for considering the integration of security in all or some of the phases of the software development life cycle and which ones are most considered or neglected. This study represents the beginning of research to generate a methodology that integrates security practices in agile software development, allowing inexperienced developers to create more secure applications.
33
Neves, Ângelo, and Gisele Lemes Veiga Araujo. "Smart Automation for Enhancing Cyber-Security." Foresight and STI Governance 17, no. 1 (2023): 89–97. http://dx.doi.org/10.17323/2500-2597.2023.1.89.97.
Full textAbstract:
In an intelligent automation ecosystem, namely in the context of Robotic Process Automation, there is a need to review the development and operation processes and practices, to combine competences from these two areas with the common good necessary for any organization or security team. It is with security that quality, efficiency, and profitability become possible. The elaboration of guidelines and best practices for the application of a DevSecOps culture is currently essential for Agile software development at any organization. In the digitalization era, teams increasingly need a collaborative method to involve several competencies and capabilities, from analysis to implementation and the evolution of a software product. Information security needs to be an integral part throughout the entire product’s lifecycle, as without it, fundamental aspects of confidentiality, integrity, and availability put information and software security at serious risk in the course of business operations. Without losing focus on customer needs, it is necessary to model software development practices, following more agile methodologies. In this way, teams can model the software throughout its lifecycle, focusing on facilitating the delivery of value to the customer and having greater certainty that requirements, plans, and results are 100% aligned with customer needs. This paper presents an analysis and proposal for the continuous improvement of an intelligent automation platform at a large-scale multinational organization. In parallel, aspects that generate resistance to the implementation of a DevSecOps methodology within the scope of RPA code development is considered.
34
Mugarza, Imanol, Jose Luis Flores, and Jose Luis Montero. "Security Issues and Software Updates Management in the Industrial Internet of Things (IIoT) Era." Sensors 20, no. 24 (2020): 7160. http://dx.doi.org/10.3390/s20247160.
Full textAbstract:
New generation Industrial Automation and Control Systems (IACS) are providing advanced connectivity features, enabling new automation applications, services and business models in the Industrial Internet of Things (IIoT) era. Nevertheless, due to the extended attack surface and increasing number of cyber-attacks against industrial equipment, security concerns arise. Hence, these systems should provide enough protection and resiliency against cyber-attacks throughout their entire lifespan, which, in the case of industrial systems, may last several decades. A sound and complete management of security issues and software updates is fundamental to achieve such goal, since leading-edge security countermeasures implemented in the development phase may eventually become out-of-date. In this article, a review of the IEC 62443 industrial security standard concerning the security maintenance of IIoT systems and components is given, along with guidelines for the implementation of such processes. As concluded, the security issues and software updates management shall jointly be addressed by the asset owner, service providers and product suppliers. These security processes should also be compatible with the safety procedures established by safety standards.
35
Hani, Syeda Umema, and Abu Turab Alam. "Software Development for Information System - Achieving Optimum Quality with Security." International Journal of Information System Modeling and Design 8, no. 4 (2017): 1–20. http://dx.doi.org/10.4018/ijismd.2017100101.
Full textAbstract:
Information Systems acquisition, implementation, and development have been taking place in business organization to gain the competitive advantage. Rapid advancement of Technology is also popping up unethical issues involving violations of End users' data protection and privacy. This article discusses standard quality practices adhere to which a good quality software product is guaranteed while supporting the organizational strategic needs. It presents a framework that bridges Quality software development process improvement with strategic needs of an organization. Standard practices under consideration includes Capability Maturity Model for Development (CMMI-DEV) while using multi-model Process Improvement approach where an organization could use Balance Score Card technique while setting its strategic goals and monitoring their performance related to Information System development, and also link it with Information System management framework “Control Objectives for Information and Related Technology” (COBIT) - 5 released by Information Systems Audit and Control Association (ISACA), so that users could easily switch between the two standards. In last benefits are reported for using quality practices to realize attainment of competitive advantage.
36
Sreenivasa, Rao Sola. "Data Integrity with Oracle ERP Cloud's Product Data Hub: A Guide to Effective Governance." International Journal of Leading Research Publication 4, no. 10 (2023): 1–14. https://doi.org/10.5281/zenodo.15259101.
Full textAbstract:
The ERP solutions have seen great changes with cloud computing, better data analytics, security, and business efficiency. Cloud ERP software incorporates new technologies such as blockchain, AI, and cognitive analytics to improve procurement, data migration, and information security. The essay addresses the product of Oracle ERP Cloud's Product Data Hub (PDH) in data integrity and governance. It details best practices in right product data management, avoiding redundancy, and enabling decision-making through automated data structures. The research further explores security threats, migration options, and implementation issues of cloud ERP implementation. With the use of cutting-edge technology like edge analytics and multisource data integration, cloud ERP systems allow organizations to automate business processes, enhance financial planning, and reduce cyber security threats. This research emphasizes the importance of strategic implementation models to maximize the benefits of cloud-based ERP systems and address important challenges.
37
Aliyah, Siti Maslikhatun, Sugeng Purwanto, and Reiga Ritomiea Ariescy. "Analisis Keragaman Produk dan Keamanan terhadap Minat Beli pada Marketplace Sociolla di Surabaya." Al-Kharaj : Jurnal Ekonomi, Keuangan & Bisnis Syariah 6, no. 2 (2023): 2882–89. http://dx.doi.org/10.47467/alkharaj.v6i2.4153.
Full textAbstract:

 The rapid development of the internet currently has security threats to online transactions so that it becomes a challenge for companies to maintain consumer buying interest, one of which is by providing security guarantees and offering a variety of products. This research was conducted with the aim of analyzing the effect of product diversity and safety on consumer buying interest at the Sociolla marketplace in Surabaya. The approach used is quantitative with a purposive sampling technique of 117 respondents who know the Sociolla marketplace and are domiciled in Surabaya. The software used in the data analysis process is SmartPLS. The final results of the research show that product diversity and safety make a positive contribution to consumer buying interest.
 Keywords: product diversity; purchase intention; security
38
Kasım, Ömer. "Agile Software Development with Secure and Scrum-Centric Approach." AJIT-e: Academic Journal of Information Technology 15, no. 4 (2024): 292–308. https://doi.org/10.5824/ajite.2024.04.002.x.
Full textAbstract:
The fulfillment of agile models is crucial for ensuring that a software development project's tasks are completed efficiently and collaboratively. The definitions of the project architecture are usually performed in these models. Factors such as delivery time, cost and maintenance are determined. In traditional methods, project stages are carried out sequentially. After one of the stages is completed, another one is performed. When an innovation or change is attempted at any point in the project, some problems occur. These problems can generally be solved with Scrum agile methods, where communication is highlighted and processes are performed more flexibly. It is an undeniable fact that Scrum and security issues can be brought together when incorporating the Scrum strategy into software development models. In such a case, models are used that allow Security and Scrum to work within a framework. In this study, scientific studies based on scientific evidence aimed at eliminating incompatibilities in software development systematics were analyzed. The distribution of the publication years, the relation of scrum and security, the citation topic, the bibliometric maps and co-citation report are used in these analysis. In the result of these analyses, bibliometric and statistical analysis results of studies in the literature on software development that includes security principles with the Scrum model were revealed. When the results obtained in the experiments were examined, it was concluded that it was possible to develop secure software with an architecture in which Scrum and Security models were used together. During the software development phase, it enables proactive risk management by blending scrum and security elements. It also allows teams to detect security vulnerabilities during the software development phase. These facilitate the creation of a more secure and durable software product.
39
Bawane, Manjiri R., Madhavi S. Borkar, Payal R. Wawarkar, Sanika M. Shende, Heena K. Chandel, and Ketki R. Bhakare. "USB Key Based Antipiracy Solution." Journal of Advance Research in Computer Science & Engineering (ISSN: 2456-3552) 2, no. 2 (2015): 12–17. http://dx.doi.org/10.53555/nncse.v2i2.507.
Full textAbstract:
USBkey is a new kind of intelligent security product that comprises microprocessor and operation system. Computer software is intellectual property, and is protected by copyright law. This paper proposes a software protection method that utilizes efficient calculation ability and security space of USB key in environment, which combines protection methods, identity authentication and trusted computing technology. In this project we proposed to develop a hardware based solution to prevent software piracy. A hardware based system consist of physical device and hence cannot be shared over the internet and hence eliminates the flaws of conventional mechanisms discussed above.
40
Prakash, Satya, Abhishek Vaish, Natalie Coul, SaravanaKumar G, T. N. Srinidhi, and Jayaprasad Botsa. "Child Security in Cyberspace Through Moral Cognition." International Journal of Information Security and Privacy 7, no. 1 (2013): 16–29. http://dx.doi.org/10.4018/jisp.2013010102.
Full textAbstract:
The increasing number of threats in cyberspace has meant that every internet user is at a greater risk than ever before. Children are no exception to this exploitation, incurring psychological and financial stress. Technology is on a persistent pursuit of offering exquisite solution to address the problems associated with children on the cyberspace. With every new product for parental control to secure children, comes a new technique to trespass the same. Consequently it summons an approach to look beyond technology; this paper aims to explore the relevance of moral cognition to decision making capability of children on the internet & the possibility of minimizing related risks using the observation. The authors establish a correlation between cognitive moral development and the cyber vulnerability level of children of age between 12 and 16 years, based on an empirical research using a comprehensive set of questionnaires and standard tests. The findings also paves path for future researchers to further analyze and implant features in the parental control software that would stimulate moral cognition, thereby redefining parental control software as parental care software.
41
Ridhima, Arora, and Handa Manu. "Designing Agile Engineering Frameworks: A Product Management Approach to Developing Customer-Centric Software Platforms." International Journal of Innovative Research in Engineering & Multidisciplinary Physical Sciences 8, no. 1 (2020): 1–20. https://doi.org/10.5281/zenodo.14059506.
Full textAbstract:
The Software Engineering Plan outlines a comprehensive development roadmap, utilizing agile and Scrumban methodologies to align with product management principles. It prioritizes customer-centric requirements using the Kano and MoSCoW models, ensuring maximum value delivery at each product stage. The plan details effort, cost, and staffing estimates to facilitate resource allocation, supporting a phased development approach with an initial pilot release for product-market fit validation, followed by feature and scalability enhancements. Integrated risk management strategies address schedule, scope, and security challenges, while a targeted MVP launch and profitability aim within two years demonstrate alignment with strategic business objectives. Emphasizing iterative testing, stakeholder feedback, marketing efforts, and strategic partnerships, the plan ensures the product meets evolving customer needs and drives adoption effectively.
42
Sri Widya Harahap, Azizah Anisa, Siti Nuraini Pane, and Muhammad Arief Rahmadiansyah Purba. "DATABASE MANAGEMENT SYSTEM PT SIERAD PRODUCE Tbk DI MEDAN." JURNAL ILMIAH SAINS TEKNOLOGI DAN INFORMASI 1, no. 3 (2023): 20–26. https://doi.org/10.59024/jiti.v1i3.281.
Full textAbstract:
In the current era of globalization, management information systems play a very important role where information systems cannot be realized without database processes because the two are related. The use of databases is very important because it involves computer processing which basically contains two components, namely data and instructions (programs). A database management system (DBMS) is software (program) that organizes, classifies and also displays stored data in a database using various applications. The purpose of this research is to solve several problems related to data security, concurrency and events that are good and appropriate at Pt Sierad Produce. The method used in this research is a qualitative method of seeking comprehensive information from the database management system library information sources books, articles and other library sources. The result of this research is PT Sierad Product can overcome information security problems with information security methods of information, electronic security, physical security and procedural security in data processing and minimize vulnerabilities.
43
Samra, Hardeep Singh. "Study on Non Functional Software Testing." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 4, no. 1 (2013): 151–55. http://dx.doi.org/10.24297/ijct.v4i1c.3115.
Full textAbstract:
Improving software quality involves reducing the quantity of defects within the final product and identifying the remaining defects as early as possible. It involves both its functionality and its non-functional characteristics, such as usability, flexibility, performance, interoperability and security. In fact, defects found earlier in the development lifecycle cost dramatically less to repair than those found later. However, engineers cannot address non-functional quality requirements such as reliability, security, performance and usability early in the lifecycle using the same tools and processes that they use after coding and at later phases. Approaches such as stress testing for reliability, measuring performance and gauging user response to determine usability are inherently post-integration techniques. Accordingly, defects found with these tools are more disruptive and costly to fix. Nonetheless, there has been a lop-sided emphasis in the functionality of the software, even though the functionality is not useful or usable without the necessary non-functional characteristics. This research highlights the sporadic industry acceptance of some popular methods for designing for non-functional requirements and suggests some practical approaches that are applicable for companies that also must consider the demands of schedule and cost.
44
Dalimunthe, Septian Rizky, Sri Anisa Pujawati, and Akmal Satria Alvin Sitorus. "TECHNICAL SECURITY IN ITE LAW AND COPYRIGHTS OF DEVICES AND SYSTEMS." POLICY, LAW, NOTARY AND REGULATORY ISSUES (POLRI) 1, no. 2 (2022): 27–36. http://dx.doi.org/10.55047/polri.v1i2.124.
Full textAbstract:
Copyright is the creator's or recipient's exclusive right to publish or reproduce his work, or to grant permission to do so, without reducing the restrictions imposed by applicable laws and regulations. This research aims to determine how the legal protection of creators for the use of illegal software is based on the Copyrights Law No. 19 of 2002. The study employs normative law research methods, as well as secondary data obtained through library research. According to the findings, product piracy costs the creator both financially and morally, as well as having an economic impact on the country. Aside from that, using pirated software raises a fatal risk because malware/viruses can easily infiltrate software, opening the way for cyber attacks. As a consequence, it is recommended that legal proprietary software be used for work, learning, or other software-related activities. If people are unable to obtain legal software due to a lack of resources, they should consider other options, such as open source software that is available for free. Furthermore, proprietary software (closed) vendors must be able to offer reasonable prices. If a person or company infringes on another's copyright, they could face criminal charges or civil lawsuits.
45
Shlaifer, M., and Oleh Mykytyn. "Improvement of the information security of the management system." Management and Entrepreneurship in Ukraine: the stages of formation and problems of development 2022, no. 2 (2022): 148–55. http://dx.doi.org/10.23939/smeu2022.02.148.
Full textAbstract:
The study is aimed at researching ways to improve the information support of the management system using software. The authors determined that automation allows to reduce the time required to perform basic management functions, it is used for calculations and analysis, design, quality control, planning of all operational processes, hiring and accounting of employees, etc. An information system is a combination of technical, software and organizational support, as well as personnel, designed to provide the right people with the right information in a timely manner. To implement the automation system, you need functional software such as an OPS server, a control system service, a database server, a recipe editor, and SCADA. It has been proven that a modern automated management system should combine the maximum possible set of functions for managing all business processes of the enterprise. We determined that for the effective functioning of enterprise services, the following requirements are placed on the quality of information: сomplexity (the information should reflect all aspects of the service in relation to external conditions), promptness (receiving input information must occur simultaneously with the course of the process in the management system or coincide with the moment of its completion), systematicity (the necessary information should be provided as continuously as possible), reliability (information should be formed in the course of fairly accurate measurements). To improve the management information system in the organization, it was proposed to use such programs as AnyLogic, Aris, Business Studio, MS Visio. Their functionality was compared and the best system for automating the management system was determined. It was determined that, in our opinion, the software product Business Studio is the priority as a software tool in the direction of service support, because from the user's point of view it meets the necessary requirements. The advantages of this product are a free demo version, available reference materials and the availability of example models.
46
Poth, Alexander, Mario Kottke, Kerstin Middelhauve, Torsten Mahr, and Andreas Riel. "Lean integration of IT security and data privacy governance aspects into product development in agile organizations." JUCS - Journal of Universal Computer Science 27, no. (8) (2021): 868–93. https://doi.org/10.3897/jucs.71770.
Full textAbstract:
This article deals with the design of a product development-specific framework to support lean and adequate governance. This framework is based on layers of product-specific standards and regulations. The layers can be merged into a specific set to address the demands of a product to fit the state-of-the-art requirements of its domain. For the product domain, specific layers are presented with examples from IT security and data privacy for the software development phase. The approach is generic and can be extended to other domains like finance services or embedded products and their life-cycle phases.
47
Pratik, Bansal. "Investigating The Role of Software Testing Methodologies in Ensuring Product Quality and Reliability Across Diverse Industries, Including Healthcare, Finance and Transportation." Journal of Scientific and Engineering Research 8, no. 2 (2021): 283–85. https://doi.org/10.5281/zenodo.12792478.
Full textAbstract:
This paper investigates the role of software testing methodologies in ensuring product quality and reliability across diverse industries, including healthcare, finance, and transportation. In today's digital age, software plays a critical role in enabling business operations, delivering services, and enhancing user experiences. However, the complexity and scale of modern software systems pose significant challenges in ensuring their reliability, security, and compliance with industry regulations. By examining various software testing methodologies, such as manual testing, automated testing, and continuous integration, this study aims to provide insights into their applications, benefits, and limitations in different industry contexts. Through case studies and comparative analyses, this paper elucidates the importance of robust software testing practices in mitigating risks, optimizing performance, and delivering value across diverse sectors.
48
Diviziniuk, M. M., O. V. Farrakhov, I. S. Zinovieva, V. O. Kutsenko, and R. Shevchuk. "About the methodology to improve concept of maximum security of nuclear facility at minimum costs." IOP Conference Series: Earth and Environmental Science 1415, no. 1 (2024): 012123. https://doi.org/10.1088/1755-1315/1415/1/012123.
Full textAbstract:
Abstract Given work describe proposals concerning Pampuro method use for improvement of the maximum security concept of nuclear facility at minimum costs. The main provisions of the maximum security concept ensuring for nuclear facility at minimum cost are analyzed. The meaning of the terms threat and risk in relation to critical infrastructure objects is considered. One of the directions for optimal management concept implementing of protected critical infrastructure object using the Pampuro method is proposed. The mathematical model was developed to ensure security of protected nuclear facility at minimum of costs. It takes into account different intensities of terrorist influence. It was concluded that software implementation of the developed mathematical apparatus can be used as a unified software product by security services or physical protection services of various protected objects.
49
Bazzi, Abir, Adnan Shaout, and Di Ma. "Software Update Methodologies for Feature-Based Product Lines: A Combined Design Approach." Software 3, no. 3 (2024): 328–44. http://dx.doi.org/10.3390/software3030017.
Full textAbstract:
The automotive industry is experiencing a significant shift, transitioning from traditional hardware-centric systems to more advanced software-defined architectures. This change is enabling enhanced autonomy, connectivity, safety, and improved in-vehicle experiences. Service-oriented architecture is crucial for achieving software-defined vehicles and creating new business opportunities for original equipment manufacturers. A software update approach that is rich in variability and based on a Merkle tree approach is proposed for new vehicle architecture requirements. Given the complexity of software updates in vehicles, particularly when dealing with multiple distributed electronic control units, this software-centric approach can be optimized to handle various architectures and configurations, ensuring consistency across all platforms. In this paper, our software update approach is expanded to cover the solution space of the feature-based product line engineering, and we show how to combine our approach with product line engineering in creative and unique ways to form a software-defined vehicle modular architecture. Then, we offer insights into the design of the Merkle trees utilized in our approach, emphasizing the relationship among the software modules, with a focus on their impact on software update performance. This approach streamlines the software update process and ensures that the safety as well as the security of the vehicle are continuously maintained.
50
Poth, Alexander, Mario Kottke, Kerstin Middelhauve, Torsten Mahr, and Andreas Riel. "Lean integration of IT security and data privacy governance aspects into product development in agile organizations." JUCS - Journal of Universal Computer Science 27, no. 8 (2021): 868–93. http://dx.doi.org/10.3897/jucs.71770.
Full textAbstract:
This article deals with the design of a product development-specific framework to support lean and adequate governance. This framework is based on layers of product-specific standards and regulations. The layers can be merged into a specific set to address the demands of a product to fit the state-of-the-art requirements of its domain. For the product domain, specific layers are presented with examples from IT security and data privacy for the software development phase. The approach is generic and can be extended to other domains like finance services or embedded products and their life-cycle phases.