Secure Evolving Software Systems: a State of the Art Survey

Long-lived software systems often undergo evolution over an extended period of time. Evolution of these systems is inevitable as they need to continue to satisfy changing business needs, new regulations and standards, and the introduction of novel technologies. Once the system is put in operation, new requirements emerge and existing requirements change. Parts of the software may have to be modified to correct errors that are found in operation, to adapt it for a new platform and to improve its performance or other non-functional properties.

Software systems inevitably have to change if they are to remain useful, but the change may undermine the security of the systems. It is thus important to design software systems that are evolvable and secure.

The Secure Evolving Software Systems: a State of the Art Survey report reviews the current approaches to software evolution, security requirements engineering, requirements evolution, evolution in access control, and presents new research strands in software evolution. Read the full public report.