Publicação
SECURITY AND RISK IN SOFTWARE DEVELOPMENT PROJECTS: A BIBLIOMETRIC REVIEW
| datacite.subject.fos | Engenharia e Tecnologia | |
| dc.contributor.author | Conceição, Francisco | |
| dc.contributor.author | Dias Lousã, Mário Jorge | |
| dc.contributor.author | Dias Lousã, Mário Jorge | |
| dc.contributor.author | Pereira de Morais, José Carlos | |
| dc.contributor.author | Pereira de Morais, José Carlos | |
| dc.contributor.editor | Morais, José Carlos | |
| dc.contributor.editor | Lousã, Mário | |
| dc.date.accessioned | 2026-01-29T18:16:00Z | |
| dc.date.available | 2026-01-29T18:16:00Z | |
| dc.date.issued | 2026-01-01 | |
| dc.description.abstract | Security analysis is increasingly central to software development as organizations face rising cyber risk and regulatory pressure. Although extensive research exists on cyber risk assessment, secure software development, and security requirements, the literature remains fragmented at the project level. This study presents a bibliometric analysis of research published between 2015 and 2026, using data retrieved exclusively from The Lens and structured through a PRISMA-guided workflow. Only journal and conference publications addressing security analysis within software development pro-jects were retained, while studies focused solely on isolated technical vulnerabilities or non-project contexts were excluded, resulting in a final dataset of 1,008 documents. The dataset was analyzed using descriptive bibliometrics, collaboration and geographical analysis, field-of-study classifica-tion, keyword co-occurrence, co-citation, and bibliographic coupling, supported by VOSviewer. Re-sults show sustained growth after 2019 and strong dominance of computer science and software en-gineering. Influential contributions cluster around secure SDLC frameworks, ISO/NIST standards, requirement decomposition, and emerging quantitative risk models. Despite this consolidation, the analysis reveals persistent gaps, including weak integration between cyber risk assessment and re-quirements engineering, limited project-level operationalization of security attributes, and a scarcity of approaches tailored to small and medium-sized enterprises (SMEs). These findings highlight the need for integrated, requirement-driven security analysis frameworks that bridge technical and or-ganizational perspectives within software development projects. | eng |
| dc.identifier.citation | Conceição, F., Lousã, M., & Morais, J. (2026). | |
| dc.identifier.doi | https://doi.org/10.58086/t0n3-0y36 | |
| dc.identifier.issn | 0874-8799 | |
| dc.identifier.uri | http://hdl.handle.net/10400.26/61317 | |
| dc.language.iso | eng | |
| dc.peerreviewed | yes | |
| dc.publisher | Ispgaya | |
| dc.relation.ispartofseries | Politécnica | |
| dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | |
| dc.subject | SMEs | |
| dc.subject | Software projects | |
| dc.subject | Cyber risk assessment | |
| dc.subject | Requirements engineering | |
| dc.subject | Bibliometric Analysis. | |
| dc.title | SECURITY AND RISK IN SOFTWARE DEVELOPMENT PROJECTS: A BIBLIOMETRIC REVIEW | eng |
| dc.type | text | |
| dspace.entity.type | Publication | |
| oaire.citation.endPage | 100 | |
| oaire.citation.issue | 1 | |
| oaire.citation.startPage | 83 | |
| oaire.citation.title | Politécnica | |
| oaire.citation.volume | 32 | |
| oaire.version | http://purl.org/coar/version/c_970fb48d4fbd8a85 | |
| person.familyName | Dias Lousã | |
| person.familyName | Pereira de Morais | |
| person.givenName | Mário Jorge | |
| person.givenName | José Carlos | |
| person.identifier.ciencia-id | 471D-D183-2BDE | |
| person.identifier.ciencia-id | D412-2DF0-6747 | |
| person.identifier.orcid | 0000-0001-7776-5528 | |
| person.identifier.orcid | 0000-0002-7924-5902 | |
| relation.isAuthorOfPublication | 890c1788-42db-480a-aa2d-e1aa19b98ebb | |
| relation.isAuthorOfPublication | 15f8ed06-6876-4d00-ac07-2822e0c5454e | |
| relation.isAuthorOfPublication.latestForDiscovery | 890c1788-42db-480a-aa2d-e1aa19b98ebb |