Security Verification and Validation by Software SMEs: Theory versus Practice
To improve software engineering practice it is essential to observe the socio-technical realities that surround software development within an industrial context. There is a lack of empirical knowledge of security verification and validation practice within an SME context. When coupled with the recognized importance, and inherent complexities, of such practice, it appears fundamentally sound to understand the faced socio-technical realities to ensure continued process improvement and improved technology adoption and research guidance. Within this paper, the authors highlight the importance of obtaining such an understanding.