How to Cite
Abstract
Standards, models, frameworks and guidelines have been developed for secure software development such as Building Security In, SSE-CMM, Microsoft SDL, and OpenSAMM. Current standards and models provide guidance for particular areas such as threat modelling, risk management, secure coding, security testing, verification, patch management, configuration management etc. However, there is not a generally accepted model for a secure software development lifecycle. Building Security In provides an objective evaluation methodology to validate that a product satisfies a specified set of security requirements. In this paper Building Security In secure software development approach is examined and compared with other well-known standards and models.
Open Access License Notice:
This article is © its author(s) and is licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). Beginning with Volume 13 (2026), this license is included directly within all published PDFs. For earlier articles, a cover page has been added to indicate the correct licensing terms. Any legacy copyright or pricing statements appearing within the PDF reflect prior print production workflows and do not represent the Journal’s current open access policy. For full details, please see the Journal’s License Terms.