6. Research Limitations
Initially, we conducted SLR to study the relevant literature to find out
the RE security practices to address the security risks faced by GSD
organizations in the RE phase of the SDLC. In the conduction of SLR, the
first author searched the literature with the help of a defined search
string and completed the primary and final selection of the papers. In
contrast, the second co-author reviewed the selection and data
extraction processes. This process may be biased. To mitigate this risk,
this paper’s third co-author carried out the inclusion, exclusion,
quality assessment, and data extraction processes for a total of fifteen
random studies selected from 121 final papers. In addition, we conducted
the inter-rater reliability test with Software Engineering Research
Group (University of Malakand) (SERG_UOM) experts. The findings
demonstrate no major bias and that the data collected and the analysis
are compatible.
As a second consideration, relevant published materials were likely
overlooked throughout the data collection procedure. This shortcoming is
not systematic, as our investigation includes 121 representative
literature items [48,
60]. The questionnaire survey method
has been implemented to conduct an empirical investigation of the
identified RE security practices with the assistance of GSD industry
experts in the SSD domain. When developing survey instruments, there is
always the possibility of encountering a risk. This concern was
mitigated by piloting and evaluating the development questionnaire with
”Software Engineering Research Group (SERG UOM) Pakistan”, ”King Fahd
University of Petroleum and Minerals, Saudi Arabia”, and ”Qatar
University, Doha, Qatar.”
For the third concern, the ISM approach findings are based on thirteen
experts’ decisions, which may be a tiny data set. This is because these
investigations are subjective, and other studies
[43,
47] have also used a small data set for
this analysis. As a result, the outcomes of the ISM technique are
generalizable.