1 research outputs found
Moderator Factors of Software Security and Performance Verification
Context: Security and performance (S&P) are critical non-functional
requirements on software systems. Therefore, verification activities should be
included in the development process to identify related defects and avoiding
S&P failures after deployment. However, the state of the practice of S&P
verification is unclear, challenging academia to offer solutions for real-world
problems faced by the S&P verification practitioners. Thus, identifying factors
moderating the S&P verification helps software development organizations
improve the S&P verification, releasing software that meets security and
performance requirements. Objective: To present moderator factors influencing
S&P verification activities and actions to promote S&P moderator factors.
Method: Multiple case study using qualitative analysis of observational data to
identify S&P moderators factors. Literature Rapid Reviews with Snowballing to
strengthen confidence in the identified S&P moderators factors. Practitioners
Survey to classify the S&P moderator factors regarding their relevance.
Results: Identification of eight S&P moderator factors regarding organizational
awareness, crossfunctional team, S&P requirements, support tools, verification
environment, verification methodology, verification planning, and reuse
practices. The literature reviews allowed us to confirm the identified S&P
moderator factors and identify a set of actions to promote each of them. A
survey with 37 valid participants allowed us to classify the identified S&P
moderators factors and their actions relevant to S&P verification activities.
Conclusions: The S&P moderator factors can be considered key points in which
software development organizations should invest to implement or improve S&P
verification activities