Guidelines for Supporting Software Engineers in Developing Secure Web Applications
Paper in proceeding, 2025

As software applications get increasingly connected and complex, cybersecurity becomes more and more important to consider during development and evaluation. Software engineers need to be aware of various security threats and the countermeasures that can be taken to mitigate them. Currently, there is a lack of guidance for software engineers aiming to develop secure web applications. We conducted a design science research study, resulting in a set of guidelines to aid software engineers in developing secure web applications. The set of guidelines was constructed based on interview data with 10 industry practitioners. These guidelines were then evaluated using a survey with 28 respondents. Our results indicate that these proposed guidelines can be applied by software engineers to support the development and assessment of secure web applications in different stages of the software development lifecycle.

design science research

cybersecurity

software engineering

web applications

guidelines

survey

interviews

Author

Klara Svensson

Chalmers, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)

Drake Axelrod

Chalmers, Computer Science and Engineering (Chalmers), Software Engineering (Chalmers)

Mazen Mohamad

Chalmers, Computer Science and Engineering (Chalmers), Interaction Design and Software Engineering

Other publications Research

Rebekka Wohlrab

Chalmers, Computer Science and Engineering (Chalmers), Interaction Design and Software Engineering

Other publications Research

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 15452 LNCS 123-138
9783031783852 (ISBN)

International Conference on Product-Focused Software Process Improvement (PROFES 2024)
Tartu, Estonia,

Subject Categories (SSIF 2011)

Computer and Information Science

Software Engineering

Subject Categories (SSIF 2025)

Security, Privacy and Cryptography

DOI

10.1007/978-3-031-78386-9_9

Publication data connected to DOI

More information

Latest update

6/25/2025

Feedback and support

If you have questions, need help, find a bug or just want to give us feedback you may use this form, or contact us per e-mail research.lib@chalmers.se.

About

Research.chalmers.se contains research information from Chalmers University of Technology, Sweden. It includes information on projects, publications, research funders and collaborations.

More about coverage period and what is publicly available

Privacy and cookies

Accessibility

Citation Style Language
citeproc-js (Frank Bennett)

Links

Chalmers Library
Chalmers Research
Chalmers Student Theses

Chalmers University of Technology

SE-412 96 GOTHENBURG, SWEDEN
PHONE: +46 (0)31-772 10 00
WWW.CHALMERS.SE