| 1. |
- Wäyrynen, Jaana, et al.
(författare)
-
Security engineering and eXtreme programming : An impossible marriage?
- 2004
-
Ingår i: EXTREME PROGRAMMING AND AGILE METHODS - XP/ AGILE UNIVERSE 2004, PROCEEDINGS. - Berlin : Springer. ; , s. 117-128
-
Konferensbidrag (refereegranskat)abstract
- Agile methods, such as eXtreme Programming (XP), have been criticised for being inadequate for the development of secure software. In this paper, we analyse XP from a security engineering standpoint, to assess to what extent the method can be used for development of security critical software. This is done by analysing XP in the light of two security engineering standards; the Systems Security Engineering-Capability Maturity Model (SSE-CMM) and the Common Criteria (CC). The result is that XP is more aligned with security engineering than one might think at first. However, XP also needs to be tailored to better support and to more explicitly deal with security engineering issues. Tailoring XP for secure software development, without removing the agility that is the trademark of agile methods, may be a solution that would make XP more compatible with current security engineering practices.
|
|
| 2. |
|
|
| 3. |
- Axelsson, Jakob, et al.
(författare)
-
Notes On Agile and Safety-Critical Development
- 2016
-
Ingår i: Software Engineering Notes. - : Association for Computing Machinery (ACM). - 0163-5948 .- 1943-5843. ; 41:2, s. 23-36
-
Tidskriftsartikel (refereegranskat)abstract
- Agile approaches have been highly influential to the software engineering practices in many organizations, and are increasingly being applied in larger companies, and for developing systems outside the pure software domain. To understand more about the current state of agile, its applications to safety-critical systems, and the consequences on innovation and large organizations, a seminar was organized in Stockholm in 2014. This paper gives an overview of the topics discussed at that seminar, a summary of the main results and suggestions for future work as input to a research agenda for agile development of safety-critical software.
|
|
| 4. |
|
|
| 5. |
- Boström, Gustav, et al.
(författare)
-
Aspects in the Agile Toolbox
- 2005
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- The introduction of agile methodologies promises faster time to market and a flexible, customer-driven software development process. The flexibility with regards to requirements can however also be a risk if new non-functional requirements need to be implemented late in a software development project. In this article we argue that aspect-oriented programming is a technique that can mitigate this risk by providing the means to deal with non-functional, crosscutting requirements. The suggested solution is illustrated by an example where new requirements in the form of quality of service demands on an existing service are implemented by using aspect orientated programming.
|
|
| 6. |
|
|
| 7. |
- Etien, Anne, et al.
(författare)
-
Towards a Systematic Propagation of Evolution Requirements in IS Adaptation Projects
- 2004
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- Information system adaptation is a type of system evolution, which can be managed defining evolution requirements as a set of gaps with the current system. The purpose of this paper is to propose a systematic approach that adapts a generic typology of gaps to facilitate the search and expression of evolution requirements whichever kind of modelling technique used to specify the current and the future situations. The paper advocates a business driven approach to align system adaptations to the objectives of the changing organisation. The paper presents the approach and illustrates it with a case study of a Swedish company.
|
|
| 8. |
|
|
| 9. |
- Kajko-Mattsson, Mira, et al.
(författare)
-
Communicating Risk Information in Agile and Traditional Environments
- 2007
-
Ingår i: SEAA 2007. - 9780769529776 ; , s. 401-408
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- Structured and disciplined communication is a prerequisite for the effective management of risks. In this paper, we investigate what risk management information is communicated in traditional and agile development environments. Our goal is to find out whether there is any difference in the way risks are communicated. We do this by studying the management of risk information within three Canadian organizations. Our results show that there are few differences between the information as communicated in traditional and agile environments.
|
|
| 10. |
- Kajko-Mattsson, Miroslawa E J, et al.
(författare)
-
Outlining a Risk-Driven Development Model (RDD)
- 2009
-
Ingår i: Trends in communication technologies and engineering science. - Dordrecht : Springer. - 9781402094927 ; , s. 281-294
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- On the surface, agile and risk management process models seem to constitute two contrasting approaches. Risk management follows a heavyweight management approach whereas agile process models advocate a lightweight engineering one. Despite this, a merge between those two is possible. This chapter suggests a Risk-Driven Development model (RDD), a model integrating risk management with agile development process models. It first identifies commonalities in these two process models. It then investigates the state of practice of integrating risk management with software development in 37 software organizations. The results of these two steps provide feedback for outlining the RDD model. The RDD model itself was evaluated by 10 software practitioners.
|
|
