A Comparison of Security Assurance Support of Agile Software Development Methods

Kalle Rindell, Sami Hyrynsalmi, Ville Leppänen, A Comparison of Security Assurance Support of Agile Software Development Methods. In: Boris Rachev, Angel Smrikarov (Eds.), Proceedings of the 16th International Conference on Computer Systems and Technologies (CompSysTech '15), 61–68, ACM New York, 2015.



Agile methods increase the speed and reduce the cost of software projects; however, they have been criticized for lack of documentation, traditional quality control, and, most importantly, lack of security assurance - mostly due to their informal and self-organizing approach to software development. This paper clarifies the requirements for security assurance by using an evaluation framework to analyze the compatibility of established agile security development methods: XP, Scrum and Kanban, combined with Microsoft SDL security framework, against Finland's established national security regulation (Vahti). We also analyze the selected methods based on their role definitions, and provide some avenues for future research.

BibTeX entry:

  title = {A Comparison of Security Assurance Support of Agile Software Development Methods},
  booktitle = {Proceedings of the 16th International Conference on Computer Systems and Technologies (CompSysTech '15)},
  author = {Rindell, Kalle and Hyrynsalmi, Sami and Leppänen, Ville},
  editor = {Rachev, Boris and Smrikarov, Angel},
  publisher = {ACM New York},
  pages = {61–68},
  year = {2015},
  keywords = {DESMET, SDL, Scrum, XP, kanban, secure agile development, security assurance, Vahti},

Belongs to TUCS Research Unit(s): Software Development Laboratory (SwDev)

Publication Forum rating of this publication: level 1
