IMPLEMENTING SECURE AND EFFICIENT CODE IN SYSTEM SOFTWARE DEVELOPMENT
Keywords:
Secure Coding, Efficient Code, OWASP, CERT, Input Validation, Memory Management, Performance Optimization, Security Standards
Abstract
System software development requires a careful balance between security and performance, as vulnerabilities can lead to serious breaches while inefficiencies can impact system functionality. This paper explores secure and efficient coding practices that strengthen system software, focusing on techniques like input validation, error handling, secure authentication, memory management, algorithmic optimization, and concurrency. The study evaluates these methods through a mixed-methods approach, using empirical data and literature review to analyze their effectiveness. Findings indicate that adhering to secure coding standards such as OWASP and CERT, combined with performance optimization techniques, significantly enhances both the resilience and efficiency of system software. Although challenges remain, such as added complexity and evolving security threats, this study demonstrates that a well-integrated approach can yield robust, high-performing system software.
License
Copyright (c) -1 Sagar Vishnubhai Sheta (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.