Malmö University Publications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Introducing a Novel Security-Enhanced Agile Software Development Process
Malmö högskola, Faculty of Technology and Society (TS).ORCID iD: 0000-0002-8512-2976
2017 (English)In: International Journal of Secure Software Engineering, ISSN 1947-3036, E-ISSN 1947-3044, Vol. 8, no 2Article in journal (Refereed)
Abstract [en]

In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a mobile money transfer system. Two important features of SEAP are 1) that it includes additional security competences, and 2) that it includes the continuous conduction of an integrated risk analysis for identifying potential threats. As a general finding of implementing SEAP in software development, the developers solve a large proportion of the risks in a timely, yet cost-efficient manner. The default agile software development process at Ericsson AB, i.e. where SEAP was not included, required significantly more employee hours spent for every risk identified compared to when integrating SEAP. The default development process left 50.0% of the risks unattended in the software version that was released, while the application of SEAP reduced that figure to 22.5%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.9%, a more than five times increment.

Place, publisher, year, edition, pages
IGI Global, 2017. Vol. 8, no 2
Keywords [en]
Software development, secure software development, secure agile development, agile method, software security, risk analysis, industrial setting
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:mau:diva-16066DOI: 10.4018/IJSSE.2017040102Local ID: 23982OAI: oai:DiVA.org:mau-16066DiVA, id: diva2:1419588
Available from: 2020-03-30 Created: 2020-03-30 Last updated: 2022-06-27Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full texthttps://www.igi-global.com/article/introducing-a-novel-security-enhanced-agile-software-development-process/190420

Authority records

Jacobsson, Andreas

Search in DiVA

By author/editor
Jacobsson, Andreas
By organisation
Faculty of Technology and Society (TS)
In the same journal
International Journal of Secure Software Engineering
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 38 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf