Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Using assurance cases to develop iteratively security features using scrum

: Othmane, L. ben; Angin, P.; Bhargava, B.


Institute of Electrical and Electronics Engineers -IEEE-; IEEE Computer Society:
Ninth International Conference on Availability, Reliability and Security, ARES 2014 : Fribourg, Switzerland, 8 - 12 September 2014; Including workshops
Los Alamitos, Calif.: IEEE Computer Society Conference Publishing Services (CPS), 2014
ISBN: 978-1-4799-4223-7
ISBN: 978-1-4799-7876-2
International Conference on Availability, Reliability, and Security (ARES) <9, 2014, Fribourg>
Conference Paper
Fraunhofer SIT ()

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.