SwePub
Sök i LIBRIS databas

  Extended search

onr:"swepub:oai:DiVA.org:mau-12639"
 

Search: onr:"swepub:oai:DiVA.org:mau-12639" > A Novel Security-En...

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist

A Novel Security-Enhanced Agile Software Development Process Applied in an Industrial Setting

Baca, Dejan (author)
Boldt, Martin (author)
Blekinge Tekniska Högskola,Institutionen för datalogi och datorsystemteknik
Carlsson, Bengt (author)
Blekinge Tekniska Högskola,Institutionen för datalogi och datorsystemteknik
show more...
Jacobsson, Andreas (author)
Malmö högskola,Fakulteten för teknik och samhälle (TS),Internet of Things and People (IOTAP)
show less...
 (creator_code:org_t)
IEEE, 2015
2015
English.
In: ARES Conference International Conference on Availability, Reliability and Security 2015. - : IEEE. - 9781467365901
Related links:
http://www.ares-conf...
show more...
https://mau.diva-por... (primary) (Raw object)
https://urn.kb.se/re...
https://doi.org/10.1...
https://urn.kb.se/re...
show less...
  • Conference paper (peer-reviewed)
Abstract Subject headings
Close  
  • A security-enhanced agile software development process, SEAP, is introduced in the development of a mobile money transfer system at Ericsson Corp. A specific characteristic of SEAP is that it includes a security group consisting of four different competences, i.e., Security manager, security architect, security master and penetration tester. Another significant feature of SEAP is an integrated risk analysis process. In analyzing risks in the development of the mobile money transfer system, a general finding was that SEAP either solves risks that were previously postponed or solves a larger proportion of the risks in a timely manner. The previous software development process, i.e., The baseline process of the comparison outlined in this paper, required 2.7 employee hours spent for every risk identified in the analysis process compared to, on the average, 1.5 hours for the SEAP. The baseline development process left 50% of the risks unattended in the software version being developed, while SEAP reduced that figure to 22%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.1%, i.e., More than a five times increment. This is important, since an early correction may avoid severe attacks in the future. The security competence in SEAP accounts for 5% of the personnel cost in the mobile money transfer system project. As a comparison, the corresponding figure, i.e., For security, was 1% in the previous development process.

Subject headings

NATURVETENSKAP  -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
NATURAL SCIENCES  -- Computer and Information Sciences -- Computer Sciences (hsv//eng)

Keyword

Security
agile method
industrial setting
risk analysis
software development

Publication and Content Type

ref (subject category)
kon (subject category)

Find in a library

To the university's database

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist

Find more in SwePub

By the author/editor
Baca, Dejan
Boldt, Martin
Carlsson, Bengt
Jacobsson, Andre ...
About the subject
NATURAL SCIENCES
NATURAL SCIENCES
and Computer and Inf ...
and Computer Science ...
Articles in the publication
ARES Conference ...
By the university
Malmö University
Blekinge Institute of Technology

Search outside SwePub

Wikipedia about the author:
Dejan_Baca
Baca, Dejan
en

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

 
pil uppåt Close

Copy and save the link in order to return to this view