AIRCC's International Journal of Computer Science and Information Technology

Open Access Open Access  Restricted Access Subscription Access

Secureti: Advanced SDLC And Project Management Tool For TI (Philippines)


Affiliations
1 School of Computing, Professional Science Master‟s in Cybersecurity, Holy Angel University, Angeles City, Pampanga, Philippines
 

There are essential security considerations in the systems used by semiconductor companies like TI. Along with other semiconductor companies, TI has recognized that IT security is highly crucial during web application developers' system development life cycle (SDLC). The challenges faced by TI web developers were consolidated via questionnaires starting with how risk management and secure coding can be reinforced in SDLC; and how to achieve IT Security, PM and SDLC initiatives by developing a prototype which was evaluated considering the aforementioned goals. This study aimed to practice NIST strategies by integrating risk management checkpoints in the SDLC; enforce secure coding using static code analysis tool by developing a prototype application mapped with IT Security goals, project management and SDLC initiatives and evaluation of the impact of the proposed solution. This paper discussed how SecureTI was able to satisfy IT Security requirements in the SDLC and PM phases.

Keywords

Security, SDLC, project management, NIST, static analysis.
User
Notifications
Font Size

  • "What is a Semiconductor?", Semiconductor Industry Association, nd. Available: https://semiconductors.org/semiconductors 101/what is a semiconductor/. [Accessed 11 January. 2020].

  • "Top 50 Semiconductor Equipment & Products Companies 2019 Ranked by Sales or Revenue", Globenewswire, 18 Jun. 2019. Available: https://globenewswire.com/newsrelease/2019/06/18/1870313/0/en/Top 50 Semiconductor Equipment Products Companies 2019 Ranked by Sales or Revenue.html. [Accessed 11 January. 2020].

  • "At a glance | Fact sheet | About Texas Instruments | TI.com", Ti, nd. Available: https://ti.com/aboutti/company/ti-at-a-glance.html. [Accessed 11 January. 2020].

  • Maskur, Achmad Fahrurrozi, "Static Code Analysis Tools with the Taint Analysis Method for Detecting Web Application Vulnerability | IEEE Conference Publication | IEEE Xplore", International Conference on Data and Software Engineering, pp. 1 2019. Available: https://doi.org/10.1109/icodse48700.2019.9092614. [Accessed 11 January. 2020].

  • W. Stephen, "Application Developer Roles and Responsibilities", bmc blogs, 19 Oct. 2018. Available: https://bmc.com/blogs/application-developer-roles-responsibilities/. [Accessed 12 January. 2020].

  • V. Varun, "Risk Management in System Development Life Cycle (SDLC)", International Journal of Advance Research in Computer Science and Management Studies, Mar. 2017. Available: https://ijarcsms.com. [Accessed 12 January. 2020].

  • "What is Secure Coding and Why is it Important?", Vpnoverview, 18 Oct. 2019. Available: https://vpnoverview.com/internet safety/business/what is secure coding/. [Accessed 12 January. 2020].

  • K. Gerberding, "Why Should I Use Security Features in Project Management Software?", Wrike, 16 Oct. 2018. Available: https://wrike.com/project-management-guide/faq/why-should-i-use- securityfeatures-in-project-management-software/. [Accessed 12 January. 2020].

  • "The Systems Development Life Cycle", Misprivate, 2015. Available: https://misprivate.boun.edu.tr/ozdinc/MIS433/ch02.ppt. [Accessed 13 January. 2020].

  • D. Ozkan, Mishra, "Agile Project Management Tools: A Brief Comparative View", Cybernetics and Information Technologies, vol. 19, no. 4, pp. 17–25, 2019. Available: https://doi.org/https://doi.org/10.2478/cait 2019 0033. [Accessed 13 January. 2020].

  • Gupta, A.,2017. Project Management Tool. Available: http://csusdspace.calstate.edu/bitstream/handle/10211.3/190305/Project_Management_Tool.pdf?sequence=1

  • R. Leal, "ISO 27001 – integrating A.14 controls with SDLC", Doi, 24 Jan. 2017. Available: https://advisera.com/27001academy/blog/2017/01/24/how to integrate iso 27001 a 14 controls into the system software development life cycle sdlc/. [Accessed 26 January. 2020].

  • B. Evans, "The System Development Life Cycle: A Phased Approach to Application Security", Security Intelligence, 7 Jan. 2019. Available: https://securityintelligence.com/the system development life cycle a phased approach to application security/. [Accessed 2 February. 2020].

  • I. Meschankina, "The Software Development Life Cycle: Phases And Methodologies", Producttribe, 19 Mar. 2018. Available: https://producttribe.com/project management/sdlc guide. [Accessed 2 February. 2020].

  • S. Hasan, UA. Khan, "SDLC models", International Journal of Computer Applications, vol. 178, no.

  • , pp. 1–1, 2019. Available: https://csusdspace.calstate.edu/bitstream/handle/10211.3/190305/Project_Management_Tool.pdf?sequence=1.[Accessed 2 February. 2020].


Abstract Views: 129

PDF Views: 93




  • Secureti: Advanced SDLC And Project Management Tool For TI (Philippines)

Abstract Views: 129  |  PDF Views: 93

Authors

Amelie Anne Gutierrez
School of Computing, Professional Science Master‟s in Cybersecurity, Holy Angel University, Angeles City, Pampanga, Philippines

Abstract


There are essential security considerations in the systems used by semiconductor companies like TI. Along with other semiconductor companies, TI has recognized that IT security is highly crucial during web application developers' system development life cycle (SDLC). The challenges faced by TI web developers were consolidated via questionnaires starting with how risk management and secure coding can be reinforced in SDLC; and how to achieve IT Security, PM and SDLC initiatives by developing a prototype which was evaluated considering the aforementioned goals. This study aimed to practice NIST strategies by integrating risk management checkpoints in the SDLC; enforce secure coding using static code analysis tool by developing a prototype application mapped with IT Security goals, project management and SDLC initiatives and evaluation of the impact of the proposed solution. This paper discussed how SecureTI was able to satisfy IT Security requirements in the SDLC and PM phases.

Keywords


Security, SDLC, project management, NIST, static analysis.

References