Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Introducing a novel security-enhanced agile software development process
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.ORCID-id: 0000-0002-9316-4842
Malmö University, SWE.
Fidesmo AB, SWE.
Blekinge Tekniska Högskola, Fakulteten för datavetenskaper, Institutionen för datalogi och datorsystemteknik.
2017 (engelsk)Inngår i: International Journal of Secure Software Engineering, ISSN 1947-3036, E-ISSN 1947-3044, ISSN 1947-3036, Vol. 8, nr 2Artikkel i tidsskrift (Fagfellevurdert) Accepted
Abstract [en]

In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a mobile money transfer system. Two important features of SEAP are 1) that it includes additional security competences, and 2) that it includes the continuous conduction of an integrated risk analysis for identifying potential threats. As a general finding of implementing SEAP in software development, the developers solve a large proportion of the risks in a timely, yet cost-efficient manner. The default agile software development process at Ericsson AB, i.e. where SEAP was not included, required significantly more employee hours spent for every risk identified compared to when integrating SEAP. The default development process left 50.0% of the risks unattended in the software version that was released, while the application of SEAP reduced that figure to 22.5%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.9%, a more than five times increment.

sted, utgiver, år, opplag, sider
2017. Vol. 8, nr 2
Emneord [en]
Software development, secure software development, secure agile development, agile method, software security, risk analysis, industrial setting, Ericsson AB
HSV kategori
Identifikatorer
URN: urn:nbn:se:bth-15165OAI: oai:DiVA.org:bth-15165DiVA, id: diva2:1143011
Tilgjengelig fra: 2017-09-20 Laget: 2017-09-20 Sist oppdatert: 2018-01-13bibliografisk kontrollert

Open Access i DiVA

fulltext(1435 kB)863 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 1435 kBChecksum SHA-512
15d376e6b4ab583c9a383f6e82671b8f8fd9033ebbac516ce662ecaeee3e87f0cfd3bdb07cfb47be0d61350c7729bc50e1f63baa788c061975ba053415751791
Type fulltextMimetype application/pdf

Personposter BETA

Carlsson, Bengt

Søk i DiVA

Av forfatter/redaktør
Boldt, MartinCarlsson, Bengt
Av organisasjonen
I samme tidsskrift
International Journal of Secure Software Engineering

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 863 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 2255 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf