Agile development of secure software for small and medium-sized enterprises
Povzetek
Although agile methods gained popularity and became globally widespread, developing secure software with agile methods remains a challenge. Method elements (i.e., roles, activities, and artifacts) that aim to increase software security on one hand can reduce the characteristic agility of agile methods on the other. The overall aim of this paper is to provide small- and medium-sized enterprises (SMEs) with the means to improve the sustainability of their software development process in terms of software security despite their limitations, such as low capacity and/or financial resources. Although software engineering literature offers various security elements, there is one key research gap that hinders the ability to provide such means. It remains unclear not only how much individual security elements contribute to software security but also how they impact the agility and costs of software development. To address the gap, we identified security elements found in the literature and evaluated them for their impact on software security, agility, and costs in an international study among practitioners. Finally, we developed a novel lightweight approach for evaluating agile methods from a security perspective. The developed approach can help SMEs to adapt their software development to their needs.
Ključne besede
varen razvoj programske opreme;varnostni inženiring;majhna in srednje velika podjetja;upravljanje razvoja programske opreme;varnost;secure software development;security engineering;agile;small and medium sized enterprises;software development management;security;
Podatki
| Jezik: | Angleški jezik |
|---|---|
| Leto izida: | 2023 |
| Tipologija: | 1.01 - Izvirni znanstveni članek |
| Organizacija: | UL FRI - Fakulteta za računalništvo in informatiko |
| UDK: | 004 |
| COBISS: |
135844867
|
| ISSN: | 2071-1050 |
| Št. ogledov: | 30 |
| Št. prenosov: | 0 |
| Ocena: | 0 (0 glasov) |
| Metapodatki: |
|
Ostali podatki
| Sekundarni jezik: | Slovenski jezik |
|---|---|
| Sekundarne ključne besede: | Varstvo podatkov (računalništvo);Razvoj programske opreme; |
| Vrsta dela (COBISS): | Znanstveno delo |
| Strani: | str. 1-23 |
| Letnik: | ǂVol. ǂ15 |
| Zvezek: | ǂiss. ǂ1 |
| Čas izdaje: | 2023 |
| DOI: | 10.3390/su15010801 |
| ID: | 21327383 |
Priporočena dela:
Agile development of secure software for small and medium-sized enterprises
2023,
ni podatka o podnaslovu
ǂA ǂdelegation-based lightweight agile approach for secure software development in small and medium enterprises
2024,
ni podatka o podnaslovu
Identifying key activities, artifacts and roles in agile engineering of secure software with hierarchical clustering
2023,
ni podatka o podnaslovu
Model agilnega sočasnega razvoja izdelka za majhna in srednje velika podjetja
2022,
doktorsko delo
Pomen blagovne znamke za majhna in srednje velika podjetja
2017,
primer blagovne znamke Vege & Dobro