IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v14y2022i11p305-d953916.html
   My bibliography  Save this article

Identification of Risk Factors Using ANFIS-Based Security Risk Assessment Model for SDLC Phases

Author

Listed:
  • Rasheed Gbenga Jimoh

    (Department of Computer Science, Faculty of Information and Communication Sciences, University of Ilorin, Ilorin 240003, Nigeria)

  • Olayinka Olufunmilayo Olusanya

    (Department of Computer Science, Tai Solarin University of Education, Ijagun 120101, Nigeria)

  • Joseph Bamidele Awotunde

    (Department of Computer Science, Faculty of Information and Communication Sciences, University of Ilorin, Ilorin 240003, Nigeria)

  • Agbotiname Lucky Imoize

    (Department of Electrical and Electronics Engineering, Faculty of Engineering, University of Lagos, Akoka, Lagos 100213, Nigeria
    Department of Electrical Engineering and Information Technology, Institute of Digital Communication, Ruhr University, 44801 Bochum, Germany)

  • Cheng-Chi Lee

    (Research and Development Center for Physical Education, Health, and Information Technology, Department of Library and Information Science, Fu Jen Catholic University, New Taipei 24205, Taiwan
    Department of Computer Science and Information Engineering, Asia University, Taichung 41354, Taiwan)

Abstract

In the field of software development, the efficient prioritizing of software risks was essential and play significant roles. However, finding a viable solution to this issue is a difficult challenge. The software developers have to adhere strictly to risk management practice because each phase of SDLC is faced with its individual type of risk rather than considering it as a general risk. Therefore, this study proposes an adaptive neuro-fuzzy inference system (ANFIS) for selection of appropriate risk factors in each stages of software development process. Existing studies viewed the SDLC’s Security risk assessment (SRA) as a single integrated process that did not offer a thorough SRA at each stage of the SDLC process, which resulted in unsecure software development. Hence, this study identify and validate the risk factors needed for assessing security risk at each phase of SDLC. For each phase, an SRA model based on an ANFIS was suggested, using the identified risk factors as inputs. For the logical representation of the fuzzification as an input and output variables of the SRA risk factors for the ANFIS-based model employing the triangular membership functions. The proposed model utilized two triangular membership functions to represent each risk factor’s label, while four membership functions were used to represent the labels of the target SRA value. Software developers chose the SRA risk factors that were pertinent in their situation from the proposed taxonomy for each level of the SDLC process as revealed by the results. As revealed from the study’s findings, knowledge of the identified risk factors may be valuable for evaluating the security risk throughout the SDLC process.

Suggested Citation

  • Rasheed Gbenga Jimoh & Olayinka Olufunmilayo Olusanya & Joseph Bamidele Awotunde & Agbotiname Lucky Imoize & Cheng-Chi Lee, 2022. "Identification of Risk Factors Using ANFIS-Based Security Risk Assessment Model for SDLC Phases," Future Internet, MDPI, vol. 14(11), pages 1-21, October.
  • Handle: RePEc:gam:jftint:v:14:y:2022:i:11:p:305-:d:953916
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/14/11/305/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/14/11/305/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Ievgen Babeshko & Oleg Illiashenko & Vyacheslav Kharchenko & Kostiantyn Leontiev, 2022. "Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques," Mathematics, MDPI, vol. 10(13), pages 1-25, June.
    2. Islam, Gibrail & Storer, Tim, 2020. "A case study of agile software development for safety-Critical systems projects," Reliability Engineering and System Safety, Elsevier, vol. 200(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Ferenc Bognár & Petra Benedek, 2022. "A Novel AHP-PRISM Risk Assessment Method—An Empirical Case Study in a Nuclear Power Plant," Sustainability, MDPI, vol. 14(17), pages 1-15, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:14:y:2022:i:11:p:305-:d:953916. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.