Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Literature review of the challenges of developing secure software using the agile approach

 
: Oueslati, Hela; Rahman, Mohammad Masudur; Othmane, Lotfi ben

:

Institute of Electrical and Electronics Engineers -IEEE-; IEEE Computer Society:
10th International Conference on Availability, Reliability and Security, ARES 2015. Proceedings : 24-28 August 2015, Toulouse, France
Los Alamitos, Calif.: IEEE Computer Society Conference Publishing Services (CPS), 2015
ISBN: 978-1-4673-6590-1
ISBN: 978-1-4673-6591-8
ISBN: 978-1-4673-6589-5
pp.540-547
International Conference on Availability, Reliability and Security (ARES) <10, 2015, Toulouse>
International Workshop on Agile Secure Software Development (ASSD) <1, 2015, Toulouse>
English
Conference Paper
Fraunhofer SIT ()

Abstract
A set of challenges of developing secure software using the agile development approach and methods are reported in the literature. This paper reports about a systematic literature review to identify these challenges and evaluates the causes of each of these challenges, with respect to the agile values, the agile principles, and the security assurance practices. We identified in this study 20 challenges, which are reported in 10 publications. We found that 14 of these challenges are valid and 6 are neither caused by the agile values and principles, nor by the security assurance practices. We also found that 2 of the valid challenges are related to the software development life-cycle, 4 are related to incremental development, 4 are related to security assurance, 2 are related to awareness and collaboration, and 2 are related to security management. These results justify the need for research to make developing secure software smooth.

: http://publica.fraunhofer.de/documents/N-382698.html