Extending the agile development approach to develop acceptably secure software

L. Ben Othmane, P. Angin, H.T.G. Weffers, B. Bhargava

    Research output: Contribution to journalArticleAcademicpeer-review

    28 Citations (Scopus)
    2 Downloads (Pure)


    The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure–by the business owner–software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.
    Original languageEnglish
    Pages (from-to)497-509
    Number of pages13
    JournalIEEE Transactions on Dependable and Secure Computing
    Issue number6
    Publication statusPublished - 2014

    Fingerprint Dive into the research topics of 'Extending the agile development approach to develop acceptably secure software'. Together they form a unique fingerprint.

    Cite this