Integrating Software Security into Agile-Scrum Method
نویسندگان
چکیده
Scrum is one of the most popular and efficient agile development methods. However, like other agile methods such as Extreme Programming (XP), Feature Driven Development (FDD), and the Dynamic Systems Development Method (DSDM), Scrum has been criticized because of lack of support to develop secure software. Thus, in 2011, we published research proposing the idea of a security backlog (SB). This paper represents the continuation of our previous research, with a focus on the evaluation in industry-based case study. Our findings highlight an improved agility in Scrum after the integration of SB. Furthermore, secure software can be developed quickly, even in situations involving requirement changes of software. Based on our experimental findings, we noticed that, when integrating SB, it is quite feasible to develop secure software using an agile Scrum model.
منابع مشابه
Toward Integrating a System Theoretic Safety Analysis in an Agile Development Process
Agile development methodologies are becoming a tendency in today’s changing software development. However, due to a lack of safety assurance activities, especially safety analysis, agile methods are criticized for being inadequate for the development of safe software. In this paper, we introduce an agile ”Safe Scrum” by mapping a novel systematic safety analysis method, called STPA (System-Theo...
متن کاملIntegrating Security into Agile Models : Scrum , Feature - Driven Development ( FDD ) , and eXtreme Programming ( XP )
Agile methodologies have gained recognition in recent years as being efficient development processes through their quick delivery of software, even under time constraints. Agile methodologies consist of a few process models that have their own criteria in helping different types of projects. However, agile methods such as Scrum, Feature-Driven Development (FDD), and eXtreme Programming (XP) hav...
متن کاملSoftware Security Engineering in Extreme Programming Methodology: a Systematic Literature Review
SOFTWARE SECURITY ENGINEERING IN EXTREME PROGRAMMING METHODOLOGY: A SYSTEMATIC LITERATURE REVIEW Imran Ghani (Universiti Teknologi Malaysia, Skudai, Johor, Malaysia [email protected]) Izzaty Yasin (Universiti Teknologi Malaysia, Skudai, Johor, Malaysia [email protected]) ABSTRACT: Agile methodology such as Extreme Programming (XP) has gained enough recognition as efficient development process by ...
متن کاملOn Integrating Architecture Design into Engineering Agile Software Systems
Agile software system development approaches have become popular since the late 1990s. Agile method has been increasingly adopted by big players in software industry such as IBM, Microsoft, Nokia and Philips with a view to improving quality and productivity. Such quality improvement goals must be measured during system development to validate the approach, and there is a need for more qualitati...
متن کاملA Review on Software Development Security Engineering using Dynamic System Method (DSDM)
Agile methodology such as Scrum, Extreme Programming (XP), Feature Driven Development (FDD) and the Dynamic System Development Method (DSDM) have gained enough recognition as efficient development process by delivering software fast even under the time constrains. However, like other agile methods DSDM has been criticized because of unavailability of security element in its four phases. In orde...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- TIIS
دوره 8 شماره
صفحات -
تاریخ انتشار 2014