Abstract

There have been development and improvement of numerous software engineering practices but we still need to find and adopt strategies to make the software more secure. Many software engineering practices currently being utilized have been rolled out prior to the development of the World Wide Web and internet and thus lags in ensuring defense against remotely performed and complex cyber-attacks. We have techniques to automate the customer functionality requirement process which can be provided explicitly by the customer as well, but something that a customer expects implicitly from the developed system is the security requirements which the developers should be taken into consideration. Agile software development has a provision to adopt changes at the later stages, but the cost and effort of implementation get progressively more exponential in later stages. Moreover, the security requirements might not fix all the bugs in later stages of development. Hence there is a need to use effective strategies at the beginning of the project to define significant functional and security requirements to minimize the efforts, cost, and implementation complexities at the later ...