Preprint Article, Version 1. Preserved in Portico. This version is not peer-reviewed.

Securing Software Development through People Maturity: A Fuzzy-AHP Decision Making Framework

Version 1 : Received: 8 July 2024 / Approved: 8 July 2024 / Online: 8 July 2024 (15:13:16 CEST)

How to cite: Al Hashimi, H. A.; Almagrabi, A. O.; Alwageed, H. S.; Keshta, I. M.; Khan, R. A. Securing Software Development through People Maturity: A Fuzzy-AHP Decision Making Framework. Preprints 2024, 2024070669. https://doi.org/10.20944/preprints202407.0669.v1

Abstract

In the fast-changing world of software development, protecting software products has become an imperative requirement. This paper presents a new way to increase the maturity of development teams in order to reach the highest level of software security. The framework uses the Fuzzy Analytic Hierarchy Process (Fuzzy-AHP) to systematically evaluate and enhance the people maturity of software development projects. Combining fuzzy logic with the AHP technique lets the evaluation framework handle the uncertainty and complexity of human factors and team dynamics. Using the decision-making model, project managers and stakeholders can determine the appropriate areas for improvement and develop the right strategies and actions to nurture a secure and mature development culture. The paper identifies 24 human success factors (HSFs) and human security vulnerabilities (HSVs) and 38 practices for addressing these HSFs and HSVs. Furthermore, we discuss the local and global ranks of each HSF and HSV practice and group the identified practices into 9 categories to determine the rank and weight of each category. Based on the collected data, FAHP prioritized these practices; the category “C4: Skill Development and Stakeholder Engagement” is ranked highest (rank 1) with the most significant weight, 0.12435. Similarly, the highest global weight is 0.051506, and the globally top-ranked (rank 1) HSF and HSV practice is “P15: Hands-On Practice and Stakeholder Communication”. Research evidence and case discussions show how the described framework assists in building secure software development (SSD) practices, which can be considered evidence of the application of team maturity to improve cybersecurity in organizations. Additional research directions include improving the framework, especially using highly developed learning techniques, and applying the framework to other forms of development.

Keywords

Secure Software Development; Human Success Factors; Human Security Vulnerabilities; Practices; Decision-making framework; Empirical study; Fuzzy-AHP

Subject

Computer Science and Mathematics, Security Systems
