Using Assurance Cases to Develop Iteratively Security Features Using Scrum

BEN OTHMANE L., Angin P., BHARGAVA B.

9th International Conference on Availability, Reliability and Security (ARES), Fribourg, İsviçre, 8 - 12 Eylül 2014, ss.490-497 identifier identifier

  • Yayın Türü: Bildiri / Tam Metin Bildiri
  • Doi Numarası: 10.1109/ares.2014.73
  • Basıldığı Şehir: Fribourg
  • Basıldığı Ülke: İsviçre
  • Sayfa Sayıları: ss.490-497
  • Orta Doğu Teknik Üniversitesi Adresli: Hayır

Özet

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.