The heart of an application's secure operation is its software code. If the code contains flaws, the entire program might be hacked. Software vulnerabilities expose coding flaws that hackers could exploit, so the prevention of cybersecurity issues begins with the program code itself. When writing software code, a developer must consider expressing the application's architecture and design requirements, keeping the code streamlined and efficient, and ensuring the code is safe. Secure code helps protect the system from various cyber-attacks by eliminating the weaknesses that many hacks rely on. To assist software organizations with Secure Software Coding (SSC), this article proposes a readiness model for SSC, namely SSCRM. The proposed model has five levels; SSC challenges and best practices (BPs) are mapped at each level. The proposed model will help organizations better understand SSC challenges and BPs and provide a roadmap for developing secure software code. The proposed model was evaluated using three case studies. The findings demonstrate that the proposed approach helps determine an organization's SSC level.
Bibliographical note
Funding Information:
The authors would like to acknowledge the support provided by The Deanship of Research Oversight and Coordination via Project number DF201007 at King Fahd University of Petroleum and Minerals, Saudi Arabia.
© 2022 John Wiley & Sons Ltd.
- case study
- readiness model
- secure SDLC
- secure coding