An investigation of factors affecting secure software development practices adoption /

Consideration of security during software development from the initial design phase has not been consistently addressed by the software developers. As a result there is an abundance of software systems with weak security. The solution proposed by the academia and the industry is to integrate securit...

Full description

Saved in:
Bibliographic Details
Main Author: Zulfikar Ahmed Maher (Author)
Format: Thesis
Language:English
Published: Kuala Lumpur : Kulliyyah of Information and Communication Technology, International Islamic University Malaysia, 2021
Subjects:
Online Access:http://studentrepo.iium.edu.my/handle/123456789/10747
Tags: Add Tag
No Tags, Be the first to tag this record!
LEADER 057630000a22004330004500
008 210811s2021 my a f m 000 0 eng d
040 |a UIAM  |b eng  |e rda 
041 |a eng 
043 |a a-my--- 
050 0 0 |a QA76.9.A25 
100 0 |a Zulfikar Ahmed Maher,  |e author  |9 6716 
245 1 3 |a An investigation of factors affecting secure software development practices adoption /  |c by Zulfikar Ahmed Maher 
264 1 |a Kuala Lumpur :  |b Kulliyyah of Information and Communication Technology, International Islamic University Malaysia,  |c 2021 
300 |a xviii, 221 leaves :  |b illustrations ;  |c 30cm. 
336 |2 rdacontent  |a text 
337 |2 rdamedia  |a unmediated 
337 |2 rdmedia  |a computer 
338 |2 rdacarrier  |a volume 
338 |2 rdacarrier  |a online resource 
347 |2 rdaft  |a text file  |b PDF 
500 |a Abstracts in English and Arabic. 
500 |a "A thesis submitted in fulfilment of the requirement for the degree of Doctor of Philosophy in Information Technology." --On title page. 
502 |a Thesis (Ph.D)--International Islamic University Malaysia, 2021. 
504 |a Includes bibliographical references (leaves 195-213). 
520 |a Consideration of security during software development from the initial design phase has not been consistently addressed by the software developers. As a result there is an abundance of software systems with weak security. The solution proposed by the academia and the industry is to integrate security within various stages of software development life cycle. Acceptance from all the software developers and stakeholders is necessary for successful adoption of this paradigm shift within the organization. A number of secure development methodologies have been proposed by the industry and the academia for secure development but most of them were ignored by the developers. The objective of this research is to identify the factors influencing developers to adopt secure software development practices. The extent to which developers adopt secure software development practices is crucial to the successful development of secure software. In this research an integrated model is proposed and validated based on the Unified Theory of Acceptance and Use of Technology model 2 (UTAUT2). This research uses sequential explanatory mix method research design to achieve the desired research aims. A survey questionnaire is used for quantitative data collection and interviews were conducted at second qualitative stage with 04 experts from software industry. According to the proposed conceptual model the adoption of secure software development practices were determined by eight factors i.e. performance expectancy (PE), effort expectancy (EE), Social Influence (SI), facilitating conditions (FC), Habit (HT), secure software development awareness (SSDAW), Top management involvement (TPM) and Readiness for change (RFC). The model was tested on a sample of 382 software engineers and developers around Klang Valley Malaysia. Using structural equation modeling with Smart-pls software, data analysis showed that 11 out of 14 hypothetical paths were significant. The results revealed that the performance expectancy (PE), effort expectancy (EE), Social Influence (SI), facilitating conditions (FC), Habit (HT), Top management involvement (TPM), Secure Software Development awareness (SSDAW) and Readiness for change (RFC) were found to have significant effect on developer's Behavioral intention (BI) to adopt secure software development practices and on use behavior (UB) among software developers. The findings revealed that behavioral intention is explained by PE, EE, FC, SI, HT, SSDAW, TPM and RFC. Similarly, use behavior is explained by behavioral intention, BI, SSDAW and FC. Findings of the study showed that the proposed model achieved an acceptable fit with the data. Based on identified key factors, an integrated model was developed and validated to predict the adoption of secure software development practices by software developers in the industry. In second phase of the study, qualitative results were obtained from the interviews from 04 experts of the industry to confirm the quantitative results. It was found that both quantitative and qualitative approaches contributed complementary results. This research seeks to supplement the existing literature regarding security integration in software development lifecycle for secure software development and provide software development firms with strategies and guidelines to successfully introduce and integrate secure software development practices within their organization. This research provide more reliable results as compared to previous studies as both quantity and qualitative technique are used in this study to find out the factors ,opinions and suggestions from the people working in software industry. 
650 0 |a Computer security 
650 0 |a Application software  |x Development  |9 6717 
650 0 |a Computer networks  |x Security measures 
655 7 |a Theses, IIUM local 
690 |a Dissertations, Academic  |x Kulliyyah of Information and Communication Technology  |z IIUM  |9 4793 
700 1 |a Asadullah Shah,  |e degree supervisor  |9 5113 
700 0 |a Hazwani Mohd Mohadis,  |e degree supervisor  |9 6718 
700 0 |a Noor Hayani Abd Rahim,  |e degree supervisor   |9 6719 
710 2 |a International Islamic University Malaysia.  |b Kulliyyah of Information and Communication Technology  |9 4794 
856 4 |u http://studentrepo.iium.edu.my/handle/123456789/10747 
900 |a sz-asbh 
942 |2 lcc 
999 |c 439385  |d 470784 
952 |0 0  |1 0  |2 lcc  |4 0  |6 T Q A 00076.00009 A00025 Z00094I 02021  |7 3  |8 IIUMTHESIS  |9 762067  |a IIUM  |b IIUM  |c THESIS  |d 2022-07-06  |g 0.00  |o t QA 76.9 A25 Z94I 2021  |p 11100393375  |r 1900-01-02  |t 1  |v 0.00  |y THESIS