Agile development of secure software for small and medium-sized enterprises
Abstract
Although agile methods gained popularity and became globally widespread, developing secure software with agile methods remains a challenge. Method elements (i.e., roles, activities, and artifacts) that aim to increase software security on one hand can reduce the characteristic agility of agile methods on the other. The overall aim of this paper is to provide small- and medium-sized enterprises (SMEs) with the means to improve the sustainability of their software development process in terms of software security despite their limitations, such as low capacity and/or financial resources. Although software engineering literature offers various security elements, there is one key research gap that hinders the ability to provide such means. It remains unclear not only how much individual security elements contribute to software security but also how they impact the agility and costs of software development. To address the gap, we identified security elements found in the literature and evaluated them for their impact on software security, agility, and costs in an international study among practitioners. Finally, we developed a novel lightweight approach for evaluating agile methods from a security perspective. The developed approach can help SMEs to adapt their software development to their needs.
Keywords
varen razvoj programske opreme;varnostni inženiring;majhna in srednje velika podjetja;upravljanje razvoja programske opreme;varnost;secure software development;security engineering;agile;small and medium sized enterprises;software development management;security;
Data
| Language: | English |
|---|---|
| Year of publishing: | 2023 |
| Typology: | 1.01 - Original Scientific Article |
| Organization: | UL FRI - Faculty of Computer and Information Science |
| UDC: | 004 |
| COBISS: |
135844867
|
| ISSN: | 2071-1050 |
| Views: | 30 |
| Downloads: | 0 |
| Average score: | 0 (0 votes) |
| Metadata: |
|
Other data
| Secondary language: | Slovenian |
|---|---|
| Secondary keywords: | Varstvo podatkov (računalništvo);Razvoj programske opreme; |
| Type (COBISS): | Scientific work |
| Pages: | str. 1-23 |
| Volume: | ǂVol. ǂ15 |
| Issue: | ǂiss. ǂ1 |
| Chronology: | 2023 |
| DOI: | 10.3390/su15010801 |
| ID: | 21327383 |
Recommended works:
Agile development of secure software for small and medium-sized enterprises
2023,
no subtitle data available
ǂA ǂdelegation-based lightweight agile approach for secure software development in small and medium enterprises
2024,
no subtitle data available
Identifying key activities, artifacts and roles in agile engineering of secure software with hierarchical clustering
2023,
no subtitle data available
Model agilnega sočasnega razvoja izdelka za majhna in srednje velika podjetja
2022,
doktorsko delo
Pomen blagovne znamke za majhna in srednje velika podjetja
2017,
primer blagovne znamke Vege & Dobro