Systematic Literature Reviews
This is a collection of notes about systematic literature reviews. I've decided to include a section on them to build up competences with research methods.
Glossary
Systematic Literature Review (SLR)
"A systematic literature review is a means of evaluating and interpreting all available research relevant to a particular research question, topic area, or phenomenon of interest." ( Kitchenham & Charters, 2007 )
Guidelines
- Kitchenham, B. & Charters, S. (2007) Guidelines for performing Systematic Literature Reviews in Software Engineering. - Kitchenham and Charters present guidelines for systematic literature reviews appropriate for software engineering researchers, derived from existing guidelines used in other domains.
Reflection
Systematic literature reviews aren't really in the domain of secure software development, the topic of this module. But in the previous module I began to recognise them as a particularly useful type of paper for the organisation they provide to research that exists already. I mentioned that I want to eventually conduct one, so I put some time into reading Kitchenham and Charters' guidelines to be able to do that.
Examples
- Asghar, M., Alam, K. & Javed, S. (2019) Software Design Patterns Recommendation: A Systematic Literature Review. 2019 International Conference on Frontiers of Information Technology (FIT). Islamabad, Pakistan, 2019. New York, USA: IEEE. 1670-1675 - Asghar et al. conduct a systematic literature review on the topic of design pattern recommendation systems, spanning 2010-2019.
- Mkhinini, M., Labbani-Narsis, O. & Nicolle, C. (2020) Combining UML and ontology: An exploratory survey. Computer Science Review. 35(1): 100223. DOI. - Mkhinini et al. conduct a systematic literature review (SLR) of research on both object-oriented modelling and semantic modelling, classifying literature while investigating the relationship between the two disciplines.
- Sharma, A. & Bawa, R. (2020) Identification and integration of security activities for secure agile development. International Journal of Information Technology 14(2): 1117-1130. - Sharma and Bawa compare four security engineering processes (CLASP, Common Criteria, Cigital Touchpoints and Microsoft's SDL), identify security activities using a systematic literature review, and propose a dynamic integration algorithm for integrating security activities into an agile process.