DocumentCode
1924176
Title
A Knowledge Management Approach to Support a Secure Software Development
Author
Nunes, Francisco José Barreto ; Belchior, Arnaldo Dias ; Albuquerque, Adriano Bessa
Author_Institution
Dept. of Appl. Comput. Sci., Univ. of Fortaleza (UNIFOR), Fortaleza
fYear
2009
fDate
16-19 March 2009
Firstpage
829
Lastpage
834
Abstract
Organizations that want to increase their profits from reliable and secure software products need to invest in software security approaches. However, secure software is not easily achieved, and the current situation is that investments in software development process improvement do not ensure software that resists attacks or is free of security vulnerabilities. The PSSS (Process to Support Software Security) may help in obtaining secure software, as it proposes security activities to be integrated into software development life cycles. This paper summarizes the application of the PSSS and proposes the support of a knowledge management environment based, especially, on security inspections of the artifacts generated during process execution. It also proposes a checklist for security inspections of the software requirements. This will improve how security aspects are considered during the development of secure software and will help to establish security as an important discipline in the organizational culture.
Keywords
formal specification; knowledge management; organisational aspects; security of data; software process improvement; software reliability; Process to Support Software Security; knowledge management; organizational culture; reliable software product; secure software development; secure software product; security inspection; software development life cycle; software development process improvement; software requirement; Application software; Computer security; IEC standards; ISO standards; Information security; Inspection; Knowledge management; Programming; Software standards; Standards development; knowledge management; security; software process;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location
Fukuoka
Print_ISBN
978-1-4244-3572-2
Electronic_ISBN
978-0-7695-3564-7
Type
conf
DOI
10.1109/ARES.2009.155
Filename
5066572