SECURETI: AN ADVANCED SDLC AND PROJECT MANAGEMENT TOOL FOR IT SECURITY AND RISK MANAGEMENT IN SEMICONDUCTOR COMPANIES
Abstract
Semiconductor companies, such as Texas Instruments (TI), rely heavily on software development for their manufacturing processes. However, software development also poses significant risks, especially in terms of IT security and project management. This paper presents the results of a survey of TI's web developers, conducted to identify the current challenges they face regarding risk management and secure coding in the system development life cycle (SDLC). Based on the survey results, an advanced SDLC and project management tool called SecureTI is proposed, which integrates risk management and security tasks into each SDLC phase. SecureTI also includes a static code analysis tool to enforce secure coding and aligns with the guidelines of the National Institute of Standards and Technology (NIST). The proposed tool provides a solution for TI and other semiconductor companies to ensure that IT security, project management, and SDLC initiatives are aligned. The paper includes a conceptual framework and model, a review of related literature, and development details of SecureTI. The proposed tool aims to address the challenges faced by TI and other semiconductor companies and to ensure that IT security requirements are met in the SDLC and project management phases.