Threat Modeling in Agile Software Development

2022 ◽  
pp. 480-490
Author(s):  
Martin Gilje Jaatun ◽  
Karin Bernsmed ◽  
Daniela Soares Cruzes ◽  
Inger Anne Tøndel

Threat modeling is a way to get an overview of possible attacks against your systems. The advantages of threat modeling include tackling security problems early, improved risk assessments, and more effective security testing. There will always be limited resources available for security, and threat modeling will allow you to focus on the most important areas first. There is no one single “correct” way of doing threat modeling, and “agile” is no excuse for not doing it. This chapter describes the authors' experiences with doing threat modeling with agile development organizations, outlining challenges to be faced and pitfalls to be avoided.



2010 ◽  
Vol 1 (3) ◽  
pp. 71-85 ◽  
Author(s):  
Torstein Nicolaysen ◽  
Richard Sassoon ◽  
Maria B. Line ◽  
Martin Gilje Jaatun

In this article, the authors contrast the results of a series of interviews with agile software development organizations with a case study of a distributed agile development effort, focusing on how information security is taken care of in an agile context. The interviews indicate that small and medium-sized agile software development organizations do not use any particular methodology to achieve security goals, even when their software is web-facing and a potential target of attack. This case study confirms that even in cases where security is an articulated requirement, and where security design is fed as input to the implementation team, there is no guarantee that the end result meets the security objectives. The authors contend that security must be built as an intrinsic software property and emphasize the need for security awareness throughout the whole software development lifecycle. This paper suggests two extensions to agile methodologies that may contribute to ensuring focus on security during the complete lifecycle.


ACTA IMEKO ◽  
2019 ◽  
Vol 7 (4) ◽  
pp. 3
Author(s):  
Ionut Andrei Sandu ◽  
Alexandru Salceanu

In an ideal Agile development team, defects should not exist. But in reality, and especially in automotive Agile software development, we need a mechanism for handling defects and tracking them to closure. In this paper we describe the benefits and principles of measuring defect handling metrics in automotive programs and organizations that have adopted Agile SW development. We present the Iteration Containment Effectiveness, Program Increment Containment Effectiveness and Defect Debt Trend metrics. The acquired advantages are demonstrated by a detailed example of real application on how to measure the classical Phase Containment Effectiveness metric on Iteration (Sprint) and Program Increment (Scrum of Scrums / Scaled Agile) Level. This paper is an extended version of the original contribution to the IMEKO TC 4 2017 symposium in Iasi, Romania.


Author(s):  
Vinay Kukreja ◽  
Amitoj Singh

In a globalized, fast-changing business and technology environment, it becomes very important to respond quickly to changing user requirements. Traditional methodologies are not appropriate for projects where user requirements are not fixed. Agile methodologies have been developed to cope with changing user requirements and place more emphasis on working software and customer collaboration. Agile is an umbrella term used for many software development methodologies which share common characteristics. This chapter mainly focuses on the working methodology of agile development and the areas of industry where agile development is implemented. Agile software development is difficult in a distributed environment, as the team members are at distributed locations. This chapter discusses agile industry applicability enablers which are useful for agile software development in a distributed environment.


2009 ◽  
pp. 2680-2699
Author(s):  
James F. Kile ◽  
Maheshwar R. Inampudi

Of great interest to software development professionals is whether the adaptive methods found in agile methodologies can be successfully implemented in a highly disciplined environment and still provide the benefits accorded to fully agile projects. As a general rule, agile software development methodologies have typically been applied to non-critical projects using relatively small project teams where there are vague requirements, a high degree of anticipated change, and no significant availability or performance requirements (Boehm & Turner, 2004). Using agile methods in their pure form for projects requiring either high availability, high performance, or both is considered too risky by many practitioners (Boehm et al., 2004; Paulk, 2001). When one investigates the various agile practices, however, one gets the impression that each may still have value when separated from the whole. This chapter discusses how one team was able to successfully drive software development quality improvements and reduce overall cycle time through the introduction of several individual agile development techniques. Through the use of a common-sense approach to software development, it is shown that the incorporation of individual agile techniques does not have to entail additional risk for projects having higher availability, performance, and quality requirements.


2017 ◽  
Vol 10 (13) ◽  
pp. 143 ◽  
Author(s):  
Jayasudha R ◽  
Viswanathan V ◽  
Shanthi P

The concept of reuse is applied in one of the agile development methodologies, called Scrum. Sprint is a single functionality and the result at the end of the sprint functionality is derived as the shippable or bugs. This paper makes an attempt to use the concept of reuse in agile software development to meet the dynamic change of customer requirements in banks. A banking project is created using both the waterfall model and the Scrum model, and the knowledge gained is stored in the ontology-based repository for the first time. Again, the same project is created for different vendors using the ontology-based repository. The result shows that maximum sprint is reused and all the knowledge gained is stored in the form of ontology. This ontology helps identify the shippable component of each sprint, which is a small executable functionality. This leads to less cost and time to deliver the product. The main aim is to increase the availability of the reusable artifacts, which increases the reusability of the developer. The experimental results show improvements in the performance of retrieving the components for the software development.


2019 ◽  
Vol 16 (1) ◽  
pp. 64-76
Author(s):  
Wilson Alfredo Ortega-Ordóñez ◽  
César Jesús Pardo-Calvache ◽  
Francisco José Pino-Correa

Agile software development approaches provide great benefits for organizations; however, their implementation is subject to many challenges. For organizations, it is important to know the level of agility achieved and the gaps in their transformation process in order to implement improvements in their processes and take advantage of the agile approaches. Keeping this in mind, this article presents a systematic mapping of the literature about the evaluation of agility in software development organizations. As a result, 18 studies were found, which were analyzed and compared taking into account the type of study, the relationship of the evaluation with the principles and agile values, the defined evaluation criteria, the validation methods used, and the proposed tools. In addition, the factors that influence the assessment of agility and the aspects that motivate the interest in this research stream are exposed.


Author(s):  
J. Kile

Of great interest to software development professionals is whether the adaptive methods found in agile methodologies can be successfully implemented in a highly disciplined environment and still provide the benefits accorded to fully agile projects. As a general rule, agile software development methodologies have typically been applied to non-critical projects using relatively small project teams where there are vague requirements, a high degree of anticipated change, and no significant availability or performance requirements (Boehm & Turner, 2004). Using agile methods in their pure form for projects requiring either high availability, high performance, or both is considered too risky by many practitioners (Boehm et al., 2004; Paulk, 2001). When one investigates the various agile practices, however, one gets the impression that each may still have value when separated from the whole. This chapter discusses how one team was able to successfully drive software development quality improvements and reduce overall cycle time through the introduction of several individual agile development techniques. Through the use of a common-sense approach to software development, it is shown that the incorporation of individual agile techniques does not have to entail additional risk for projects having higher availability, performance, and quality requirements.

