Assessing Security in Software Product Lines: a Maintenance Analysis

Different terms such as the real-time enterprise service oriented architectures and composite software applications have gained importance in industry. It brings us the need of information systems that support cross-application integration cross-company transactions and end-user access through a range of channels including the Internet. In this context Software Product Line (SPL) Engineering has gained importance by product-oriented companies as a strategy to cope with the increasing demand of large-scale product customization providing an effective and efficient way of improving productivity software quality and time-to-market. These benefits combined with the need of most applications interact with other applications and the internet access makes critical assets vulnerable to many threats. The software security comes to be an important aspect to be considered. As we demonstrate in this work the software security should be considered from early software development phases in order to minimize development costs and protect the company data. It was performed by comparing different implementation mechanisms and security tactics.