In recent years, the World Economic Forum has identified software security as the most significant technological risk to the world's population, as software-intensive systems process critical data and provide critical services. This raises the question of the extent to which German companies are addressing software security in developing and operating their software products. This paper reports on the results of an extensive study among developers, product owners, and managers to answer this question. Our results show that ensuring security is a multi-faceted challenge for companies, involving low awareness, inaccurate self-assessment, and a lack of competence on the topic of secure software development among all stakeholders. The current situation in software development is therefore detrimental to the security of software products in the medium and long term.