ID Code : CSC 0009
Title : Integrated Framework of Software Engineering and Common Criteria Practices
Author/s : Khairunnisa Osman
Abstract : Software developers are usually familiar with software engineering deliverables but face difficulties in providing the deliverables that must be in line with the Common Criteria requirement. The software engineering deliverables lack the security requirements to be the evidences in the Common Criteria evaluation and certification. Therefore, the main aim is to develop a framework between Common Criteria and software engineering deliverables. This project objective are to investigate the practices of software engineering and Common Criteria, consolidate the deliverables between software engineering and Common Criteria and solicit an evaluation of the integrated framework design by the developers of the software, evaluators and certifiers of Common Criteria. The investigation on the software engineering practices using the technique of Systematic Literature Review has been conducted and it was found that the ISO/IEC 12207:2008 as the latest standard practices among software developers in developing software. The consolidation used Causal, Semantic and Concept mapping between the process of Software Engineering and Common Criteria to see the similarities between both processes and deliverables before being integrated into the framework. The development of the framework was conducted after the similarities between the processes and deliverables of Software Engineering and Common Criteria are found. The evaluation used a questionnaire that was distributed among experts in Common Criteria and Software Engineering and it found that the framework gives a perceived ease of adoption and less apprehensiveness to the experts especially, in assisting the evaluation and certification of software products using the Common Criteria.
Publication : International Journal of Computer Science and Engineering Technology
Year Published : 2013 |64-70|Volume 3 Issue 3
PDF / Official URL : PDF