4.1 Findings of SLR Study
A systematic literature review (SLR) is a step-by-step procedure that
helps to identify the RE security risks and practices that need to
be addressed to assist GSD organizations in secure software development
(SSD). The identified RE security practices were then mapped into 11
fundamental categories of software security, as presented in Table 1.
Later in this study (Section 4.5), the mapping categories were used to
create a comprehensive model of RE security practices for GSD
organizations and their main categories.
To perform the mapping, a coding scheme was used to classify the RE
security practices for GSD. The mapping scheme comprises three main
categories: general categorization, sub-categorization, and theoretical
framework [46]. Several studies conducted in different areas of software
engineering have adopted these mapping approaches [47-49]. To ensure the
accuracy of
the mapping results, we conducted an inter-rater reliability test. We
requested participants in the pilot assessment of the questionnaire
survey study to perform the mapping process. We calculated the
non-parametric Kendall’s coefficient of concordance (W) [50] based on
the mapping results of the study authors and external experts. The
result (W = 0.96) suggested agreement between the study authors and the
external experts. This demonstrates that the mapping process is both
consistent and unbiased.