Busting a myth: Review of agile security engineering methods
| dc.contributor.author | Rindell K. | |
| dc.contributor.author | Hyrynsalmi S. | |
| dc.contributor.author | Leppänen V. | |
| dc.contributor.organization | fi=ohjelmistotekniikka|en=Software Engineering| | |
| dc.contributor.organization | fi=tietojenkäsittelytiede|en=Computer Science| | |
| dc.contributor.organization-code | 1.2.246.10.2458963.20.71310837563 | |
| dc.contributor.organization-code | 2606803 | |
| dc.converis.publication-id | 27591674 | |
| dc.converis.url | https://research.utu.fi/converis/portal/Publication/27591674 | |
| dc.date.accessioned | 2025-08-27T20:41:56Z | |
| dc.date.available | 2025-08-27T20:41:56Z | |
| dc.description.abstract | <p>Engineering methods are essential in software development, and form a crucial element in the design and implementation of software security. Security engineering processes and activities have a long and well-standardized history of integration with software development methods. The inception of iterative and incremental software development methods raised suspicions of an inherent incompatibility between the traditional non-agile security processes and the new agile methods. This suspicion still affects the attitude towards agile security. To examine and explore this myth, this study presents a literature review of a selected set of agile secure software development methods. A systematic literature method was used to find the definitive set of secure agile software development methods, of which a core set of 11 papers was selected for analysis, and the security activities documented in the methods were extracted. The results show a wide and well-documented adaptation of security activities in agile software development, with the observed activities covering the whole security development life cycle. Based on the analysis, the inherent insecurity of the agile software development methods can be declared to be a mere myth.<br /></p> | |
| dc.format.pagerange | No. 74 | |
| dc.identifier.isbn | 978-1-4503-5257-4 | |
| dc.identifier.olddbid | 200059 | |
| dc.identifier.oldhandle | 10024/183086 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/45554 | |
| dc.identifier.urn | URN:NBN:fi-fe2021042717530 | |
| dc.language.iso | en | |
| dc.okm.affiliatedauthor | Rindell, Kalle | |
| dc.okm.affiliatedauthor | Leppänen, Ville | |
| dc.okm.discipline | 113 Computer and information sciences | en_GB |
| dc.okm.discipline | 113 Tietojenkäsittely ja informaatiotieteet | fi_FI |
| dc.okm.internationalcopublication | not an international co-publication | |
| dc.okm.internationality | International publication | |
| dc.okm.type | A4 Conference Article | |
| dc.publisher.country | United States | en_GB |
| dc.publisher.country | Yhdysvallat (USA) | fi_FI |
| dc.publisher.country-code | US | |
| dc.relation.conference | International Conference on Availability, Reliability and Security | |
| dc.relation.doi | 10.1145/3098954.3103170 | |
| dc.relation.ispartofseries | ACM International Conference Proceeding Series | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/183086 | |
| dc.title | Busting a myth: Review of agile security engineering methods | |
| dc.title.book | ARES '17: Proceedings of the 12th International Conference on Availability, Reliability and Security | |
| dc.year.issued | 2017 |
Tiedostot
1 - 1 / 1
Ladataan...
- Name:
- ASSD_2016__A_Review_new.pdf
- Size:
- 419.8 KB
- Format:
- Adobe Portable Document Format
- Description:
- Final draft