Version 1: Received: 8 July 2024 / Approved: 8 July 2024 / Online: 8 July 2024 (15:13:16 CEST)
How to cite:
Al Hashimi, H. A.; Almagrabi, A. O.; Alwageed, H. S.; Keshta, I. M.; Khan, R. A. Securing Software Development through People Maturity: A Fuzzy-AHP Decision Making Framework. Preprints 2024, 2024070669. https://doi.org/10.20944/preprints202407.0669.v1
APA Style
Al Hashimi, H. A., Almagrabi, A. O., Alwageed, H. S., Keshta, I. M., & Khan, R. A. (2024). Securing Software Development through People Maturity: A Fuzzy-AHP Decision Making Framework. Preprints. https://doi.org/10.20944/preprints202407.0669.v1
Chicago/Turabian Style
Al Hashimi, H. A., Ismali M Keshta and Rafiq Ahmad Khan. 2024 "Securing Software Development through People Maturity: A Fuzzy-AHP Decision Making Framework" Preprints. https://doi.org/10.20944/preprints202407.0669.v1
Abstract
In the fast-changing world of software development, protecting software products has become an imperative requirement. This paper presents a new way to increase the maturity of development teams in order to reach the highest level of software security. The framework uses the Fuzzy Analytic Hierarchy Process (Fuzzy-AHP) to systematically evaluate and enhance the people maturity of software development projects. Combining fuzzy logic with the AHP technique allows the evaluation framework to handle the uncertainty and complexity of human factors and team dynamics. The decision-making model allows project managers and stakeholders to determine the appropriate areas for improvement and to develop the right strategies and actions to nurture a secure and mature development culture. The paper identifies 24 human success factors (HSFs) and human security vulnerabilities (HSVs) and 38 practices for addressing these HSFs and HSVs. Furthermore, we discuss the local and global ranks of each HSF and HSV practice and group the identified practices into 9 categories to determine the rank and weight of each category. Based on the collected data, Fuzzy-AHP prioritized these practices; the category “C4: Skill Development and Stakeholder Engagement” is ranked highest (rank-1) and has the most significant weight of 0.12435. Similarly, the highest global weight is 0.051506, and the top globally ranked (rank-1) HSF and HSV practice is “P15: Hands-On Practice and Stakeholder Communication”. Research evidence and case discussions show how the described framework assists in building secure software development (SSD) practices, which can be considered evidence of the application of team maturity to improve cybersecurity in organizations. Additional research directions include improving the framework, especially by using highly developed learning techniques, and applying the framework to other forms of development.
Keywords
Secure Software Development; Human Success Factors; Human Security Vulnerabilities; Practices; Decision-making framework; Empirical study; Fuzzy-AHP
Subject
Computer Science and Mathematics, Security Systems
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.