The software development environment is focused on reaching functional products in the shortest period while using the fewest resources possible. In this scenario, crucial elements such as software quality or software security are not considered at all, and in most cases the high value they offer to projects is not taken into account. Nowadays, agile models are booming. They are defined by the way they achieve the interaction and integration of everyone involved in the software life cycle, by the advantages of quick reaction to change, and by the implementation of artifacts or deliverables which display the level of progress reached at any time. In this context, it seems clearly necessary to define a new software development model which prioritizes security aspects at every phase of the software life cycle and takes advantage of the benefits of the agile models. The proposed methodology shows that if security is considered from the beginning, vulnerabilities are easily detected and solved during the time planned for the project, with no extra time or cost for the client, and that it increases the chances of success in terms of not only functionality but also quality.