Securing Scrum for VAHTI
نویسندگان
چکیده
Software security is a combination of security methods, techniques and tools, aiming to promote data confidentiality, integrity, usability, availability and privacy. In order to achieve concrete and measurable levels of software security, several international, national and industry-level regulations have been established. Finnish governmental security standard collection, VAHTI, is one of the most extensive example of these standards. This paper presents a selection of methods, tools, techniques and modifications to Scrum software development method to achieve the levels of security compliant with VAHTI instructions for software development. These comprise of security-specific modifications and additions to Scrum roles, modifications to sprints, and inclusion of special hardening sprints and spikes to implement the security items in the product backlog. Security requirements are transformed to security stories, abuse cases and other security-related tasks. Definition of done regarding the VAHTI requirements on is established and the steps to achieve it are described.
منابع مشابه
Scrum model pdf
By utilizing this Scrum Guide you acknowledge and agree that you have read and. In this paper we introduce a development process, SCRUM, that. The team model in Scrum is designed to optimize flexibility, creativity, and. scrum model in software engineering ppt KEY WORDS: SCRUM SEI Capability-Maturity-Model Process Empirical. In this paper we introduce a development process, SCRUM, that. CTO Wor...
متن کاملSecure Scrum: Development of Secure Software with Scrum
Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software development projects. In traditional software projects, security issues require detailed planning in an initial planning phase, typically resulting in a detailed se...
متن کاملCompetencies outside Agile Teams' Borders: The Extended Scrum Team
According to the Scrum process framework a Scrum team should have all necessary competencies to accomplish its work. Fragmented and anecdotal evidence hints at Scrum teams still needing additional, external competencies. To contribute to theories on Scrum team composition and practitioner’s concerns in staffing a Scrum team we investigated Scrum teams’ cross-functionality: To whom do Scrum team...
متن کاملScrum of scrums solution for large size teams using scrum methodology
Scrum is a structured framework to support complex product development. However, Scrum methodology faces a challenge of managing large teams. To address this challenge, in this paper we propose a solution called Scrum of Scrums. In Scrum of Scrums, we divide the Scrum team into teams of the right size, and then organize them hierarchically into a Scrum of Scrums. The main goals of the proposed ...
متن کامل