Processing may take a few seconds...

Chapter


Title

On Testing Security Requirements in Industry – A Survey Study

Authors

[ 1 ] Instytut Informatyki, Wydział Informatyki i Telekomunikacji, Politechnika Poznańska | [ P ] employee

Scientific discipline (Law 2.0)

[2.3] Information and communication technology

Year of publication

2022

Chapter type

chapter in monograph / paper

Publication language

english

Keywords
EN
  • security
  • security requirements
  • survey
  • testing
Abstract

EN [Context and motivation] Among all categories of non-functional requirements, requirements concerning security are those that are specified frequently and tackled with care. [Question/problem] Constant changes in technologies used to develop software products drive to new and changing security requirements, which requires adapting of the approaches used to investigate if the security requirements are satisfied. And, thus, the question arises if and how security requirements are tested. [Principal ideas/results] We conducted an online survey among software development practitioners. 190 respondents from a wide variety of countries shared with us their experience concerning testing security requirements. [Contribution] We learned that security requirements are tested in the majority of surveyed projects. However, in some having high impact (economic, human health, environment) the dedicated effort is small or none. There are different techniques used from automated ones like static code analysis, to manual ones like code reviews. Most developers, QAs and DevOps are testing security. The greatest challenges concern culture, knowledge, and difficulty in specifying tests.

Date of online publication

09.03.2022

Pages (from - to)

183 - 198

DOI

10.1007/978-3-030-98464-9_15

URL

https://link.springer.com/chapter/10.1007/978-3-030-98464-9_15

Book

Requirements Engineering: Foundation for Software Quality : 28th International Working Conference, REFSQ 2022, Birmingham, UK, March 21–24, 2022 : Proceedings

Presented on

28th International Working Conference REFSQ 2022, 21-24.03.2022, Birmingham, United Kingdom

Points of MNiSW / chapter

20.0

Points of MNiSW / conference (CORE)

70.0

This website uses cookies to remember the authenticated session of the user. For more information, read about Cookies and Privacy Policy.