{"title":"Significance of Security Metrics in Secure Software Development","authors":"Shams Tabrez Siddiqui","doi":"10.5120/IJAIS2017451710","DOIUrl":null,"url":null,"abstract":"With increasing advancement of technology in the past years rise various security issues and problems. In this connected world, security is a paramount and challenging issue in software development and is the demand of time. However usually engineers/developers think about it after the development of the entire software and at that it’s too late. Though, the software developers are aware of the importance of security and its priority throughout software development life cycle. Considering the security challenging issues right from the early stages of software development and incorporating it during software development indicates good research and development. When the metrics considered during software development process from the initial stage then it assess the security risks more efficiently. One of the best known approaches to develop security metrics is Goal/Question/Metric (GQM) approach that assesses the security risks in various stages of software development process. Software security can be measured with the help of metrics derived from the source available. The main aim of this paper is to focus on numerous security metrics of software development phases and some standardized criteria is used for validation. Each and every phase have different metrics as compared to other. Those metrics are defined on the bases of their results and products. The final product derived from the proposed security metrics of the software will be secure and qualified. 
General Terms Security, software development phases, validation.","PeriodicalId":92376,"journal":{"name":"International journal of applied information systems","volume":"9 1","pages":"10-15"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of applied information systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5120/IJAIS2017451710","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 10
Abstract
With the increasing advancement of technology in recent years, various security issues and problems have arisen. In this connected world, security is a paramount and challenging issue in software development and is the demand of the time. However, engineers and developers usually think about it only after the entire software has been developed, and by then it is too late. Software developers are, though, aware of the importance of security and its priority throughout the software development life cycle. Considering challenging security issues right from the early stages of software development, and incorporating security during development, indicates good research and development. When metrics are considered from the initial stage of the software development process, security risks are assessed more efficiently. One of the best-known approaches to developing security metrics is the Goal/Question/Metric (GQM) approach, which assesses the security risks in various stages of the software development process. Software security can be measured with the help of metrics derived from the available source. The main aim of this paper is to focus on numerous security metrics of the software development phases, and some standardized criteria are used for validation. Each phase has different metrics compared to the others. Those metrics are defined on the basis of their results and products. The final product derived from the proposed security metrics of the software will be secure and qualified.
General Terms: Security, software development phases, validation.