Moderator Factors of Software Security and Performance Verification

02/08/2021
by Victor Vidigal Ribeiro, et al.

Context: Security and performance (S&P) are critical non-functional requirements of software systems. Therefore, verification activities should be included in the development process to identify related defects and avoid S&P failures after deployment. However, the state of the practice of S&P verification is unclear, challenging academia to offer solutions for real-world problems faced by S&P verification practitioners. Thus, identifying the factors that moderate S&P verification helps software development organizations improve S&P verification and release software that meets security and performance requirements.

Objective: To present moderator factors influencing S&P verification activities and actions to promote S&P moderator factors.

Method: Multiple case study using qualitative analysis of observational data to identify S&P moderator factors. Literature Rapid Reviews with Snowballing to strengthen confidence in the identified S&P moderator factors. Practitioners Survey to classify the S&P moderator factors regarding their relevance.

Results: Identification of eight S&P moderator factors regarding organizational awareness, cross-functional team, S&P requirements, support tools, verification environment, verification methodology, verification planning, and reuse practices. The literature reviews allowed us to confirm the identified S&P moderator factors and identify a set of actions to promote each of them. A survey with 37 valid participants allowed us to classify the identified S&P moderator factors and their actions relevant to S&P verification activities.

Conclusions: The S&P moderator factors can be considered key points in which software development organizations should invest to implement or improve S&P verification activities.
