Title: On the secure software development process: CLASP, SDL and Touchpoints compared
Authors: De Win, Bart * ×
Scandariato, Riccardo *
Buyens, Koen
Grégoire, Johan
Joosen, Wouter #
Issue Date: Jul-2009
Series Title: Information and software technology vol:51 issue:7 pages:1152-1171
Abstract: Development processes for software construction are common knowledge and mainstream practice in most development organizations. Unfortunately, these processes offer little support in order to meet security requirements. Over the years, research efforts have been invested in specific methodologies and techniques for secure software engineering, yet dedicated processes have been proposed only recently. In this paper, three high-profile processes for the development of secure software, namely OWASP's CLASP, Microsoft's SDL and McGraw's Touchpoints, are evaluated and compared in detail. The paper identifies the commonalities, discusses the specificity of each approach, and proposes suggestions for improvement.
ISSN: 0950-5849
Publication status: published
KU Leuven publication type: IT
Appears in Collections: Informatics Section
* (joint) first author
× corresponding author
# (joint) last author

Files in This Item:
File: comparison.pdf
Status: Published
Size: 1682Kb
Format: Adobe PDF