References
- Al-Saqqa, S., Sawalha, S., & Abdel-Nabi, H. (2020). Agile software development: Methodologies and Trends. International Journal of Interactive Mobile Technologies, 14 (11), 246-70. Available at: https://doi.org/10.3991/ijim.v14i11.13269.
- Barabanov, A.V., Markov, A.S., & Grishin, M.I. (2018). Current taxonomy of information security threats in software development life cycle. 2018 IEEE 12th International Conference on Application of Information and Communication Technologies (AICT). DOI: 10.1109/ICAICT.2018.8747065. Available at: https://ieeexplore.ieee.org/abstract/document/8747065/.
- Arega, K.L., Beyene, A.M., & Yitagesu, S. (2024). Security Assurance in the Software Development Process: A Systematic Literature Review. In: Rajagopal, S., Popat, K., Meva, D., Bajeja, S. (eds) Advancements in Smart Computing and Information Security. ASCIS 2023. Communications in Computer and Information Science, Vol. 2040, 16-30. Springer, Cham. Available at: https://doi.org/10.1007/978-3-031-59107-5_2.
- Boyens, J., Paulsen, C., Moorthy, R.S., & Bartol, N. (2022). NIST Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations. National Institute of Standards and Technology. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf.
- Cybersecurity and Infrastructure Security Agency (CISA). (2021, April). Defending against software supply chain attacks. U.S. Department of Homeland Security, Available at: https://www.cisa.gov/publication/supply-chain-risks-information-and-communication-technology.
- Eian, I.C., Yong, L.K., Li, M.Y.X., & Hasmaddi, N.A.B.N. (2020). Integration of security modules in software development lifecycle phases. arXiv Preprint arXiv:2012.05540, Computer Science, Software Engineering. Available at: https://doi.org/10.48550/arXiv.2012.05540.
- Felderer, M., Büchler, M., Johns, M., & Brucker, A. (2016). Chapter one ‒ Security testing: A survey. Advances in Computers, 101, 1-51. Available at: https://www.sciencedirect.com/science/article/pii/S0065245815000649.
- Gartner (2023). Mitigating Enterprise Software Supply Chain Security Risks. Gartner Research. Available at: https://www.gartner.com/en/documents/4893131.
- Gupta, A., Rawal, A., & Barge, Y. (2021). Comparative Study of Different SDLC Models. International Journal for Research in Applied Science & Engineering Technology, 9 (1). Available at: https://doi.org/10.22214/ijraset.2021.38736.
- Hossain, M.I. (2023). Software development life cycle (SDLC) methodologies for information systems project management. International Journal for Multidisciplinary Research (IJFMR), 5 (5). Available at: https://www.researchgate.net/publication/373800862_
- Humayun, M., Jhanjhi, N.Z., Almufareh, M.F., & Khalil, M.I. (2022). Security Threat and Vulnerability Assessment and Measurement in Secure Software Development. Computers, Materials & Continua, 71 (3), 5039-5058. Available at: https://doi.org/10.32604/cmc.2022.019289.
- IBM. (2024). Cost of a data breach report 2024. IBM Security. Available at: https://www.ibm.com/downloads/cas/1KZ3XE9D.
- Khan, R.A., Khan, S.U., Khan, H.U., & Ilyas, M. (2022). Systematic literature review on security risks and its practices in secure software development. Ieee Access, 10. Available at: https://ieeexplore.ieee.org/abstract/document/9669954/.
- Kinyua, J. (2020). Cybersecurity in the software development life cycle. In book: Cybersecurity for Information Professions. DOI:10.1201/9781003042235-12.
- Korir, F.C. (2023). Software security models and frameworks: An overview and current trends. World Journal of Advanced Engineering Technology and Sciences, 8 (2), 86-109. Available at: https://doi.org/10.30574/wjaets.2023.8.2.0078.
- Lemke, G. (2018). The software development life cycle and its application. Senior Honors Theses and Projects. Available at: https://commons.emich.edu/honors/589/.
- National Institute of Standards and Technology (NIST). (2022). Secure software development framework (SSDF) Version 1.1: Recommendations for Mitigating the Risk of Software Vulnerabilities. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-218.pdf.
- OWASP. (2020). Secure Development and Integration. Available at: https://owasp.org/www-project-developer-guide/draft/foundations/secure_development/.
- Pargaonkar, S. (2021). The Crucial Role of Inspection in Software Quality Assurance. Journal of Science & Technology, 2 (1). Available at: https://thesciencebrigade.com/jst/article/view/42.
- Ponemon Institute. (2024). The state of software supply chain security risks. Black Duck. Available at: https://www.blackduck.com/content/dam/black-duck/en-us/reports/state-of-software-supply-chain-security-risks-ponemon.pdf
- Seelaboyina, R., Vadla, S., & Teerthala, S. (2022). Secure Software Development Life Cycle: An Approach to Reduce the Risks of Cyber Attacks in Cyber-Physical Systems and Digital Twins. In: Gunjan, V.K., Kumar, A., Zurada, J.M., Singh, S.N. (eds) Computational Intelligence in Machine Learning. ICCIML 2022. Lecture Notes in Electrical Engineering, Vol. 1106. Springer, Singapore. Available at: https://doi.org/10.1007/978-981-99-7954-7_15https://link.springer.com/chapter/10.1007/978-981-99-7954-7_15.
- Tung, Y., Lo, S., Shih, J., & Lin, H. (2016). An integrated security testing framework for secure software development life cycle. 18th Asia-Pacific Network Operations and Management Symposium, IEEE Xplore. Available at: https://ieeexplore.ieee.org/abstract/document/7737238/.
- Valdés-Rodríguez, Y., Hochstetter-Diez, J., Díaz-Arancibia, J., & Cadena-Martínez, R. (2023). Towards the integration of security practices in agile software development: a systematic mapping review. Applied Sciences, 13 (7), 4578. Available at: https://www.mdpi.com/2076-3417/13/7/4578.