RUP Extension for the Development of Secure Systems

The expansion of computer usage results from the progress of technology and communication. As a consequence, attacks on computer systems with malicious objectives are growing and can represent damages and losses for companies. It is recognized that security has become a critical issue in software development. Most of the software development processes were proposed before this recognition therefore they do not provide appropriate support for the development of secure systems. RUP (rational unified process) is a well-known software engineering process that provides a disciplined approach to assigning tasks and responsibilities within a development organization; however, it has little support for development of secure systems. The proposal of this work is to present an extension to RUP for the development of secure systems. The security is embodied in RUP as a knowledge area (discipline) with activities and roles defined according to the architecture of process engineering UMA (unified method architecture). An example was elaborated to clarify and verify the feasibility of the proposal