Security Compliance in Agile Software Development: A Systematic Mapping Study
Technical University of Munich (TUM) and Siemens CT, DEU.
Universidad San Francisco de Quito (USFQ), ECU.
Universidad San Francisco de Quito (USFQ), ECU.
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering. ORCID iD: 0000-0003-0619-6027
2020 (English). In: Proceedings - 46th Euromicro Conference on Software Engineering and Advanced Applications, SEAA 2020 / [ed] Martini A., Wimmer M., Skavhaug A., Institute of Electrical and Electronics Engineers Inc., 2020, p. 413-420, article id 9226365. Conference paper, Published paper (Refereed)
Abstract [en]

Companies adopting agile development tend to face challenges in complying with security norms. Existing research either focuses on how to integrate security into agile methods or on discussing compliance issues of agile methods but independently of the regulation type, in particular of security standards. A comprehensive overview of this scattered field is still missing and we know little about how to achieve security compliance in agile software development. Existing secondary studies (mapping studies and literature reviews) analyze publications on secure agile development, but they do not analyze implications of security standard compliance, e.g., integration of specific standard requirements or compliance assessments. To close this gap, we report on a systematic mapping study. Starting with a set of 2,383 papers, our work distills 11 relevant publications addressing security compliance in agile software development. With this study, we contribute by describing the maturity of the field, as well as domains where security compliant agile software engineering was investigated. Moreover, we make explicit which phases of a secure development process are covered by the field and which agile principles are analyzed when aiming at compliance with international security standards, country-specific security regulations, industry-specific security standards, and other well-known security frameworks. © 2020 IEEE.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2020. p. 413-420, article id 9226365
Keywords [en]
Agile Software Engineering, Secure Software Engineering, Security Compliance, Systematic Mapping Study, Application programs, Mapping, Network security, Regulatory compliance, Agile software development, Compliance assessments, International security, Security regulations, Standard requirements, Systematic mapping studies, Software design
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-20817
DOI: 10.1109/SEAA51224.2020.00073
ISI: 000702094100062
Scopus ID: 2-s2.0-85096603749
ISBN: 9781728195322 (print)
OAI: oai:DiVA.org:bth-20817
DiVA, id: diva2:1507409
Conference
46th Euromicro Conference on Software Engineering and Advanced Applications, SEAA 2020, Online, Kranj, Slovenia, 26 August 2020 through 28 August 2020
Part of project
SERT - Software Engineering ReThought, Knowledge Foundation
Available from: 2020-12-07 Created: 2020-12-07 Last updated: 2021-10-21 Bibliographically approved

Authority records

Mendez, Daniel