• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Integrating Software Security into Agile-Scrum Method

Vol. 8, No.2, February 27, 2014
10.3837/tiis.2014.02.019, Download Paper (Free):

Abstract

Scrum is one of the most popular and efficient agile development methods. However, like other agile methods such as Extreme Programming (XP), Feature Driven Development (FDD), and the Dynamic Systems Development Method (DSDM), Scrum has been criticized because of lack of support to develop secure software. Thus, in 2011, we published research proposing the idea of a security backlog (SB). This paper represents the continuation of our previous research, with a focus on the evaluation in industry-based case study. Our findings highlight an improved agility in Scrum after the integration of SB. Furthermore, secure software can be developed quickly, even in situations involving requirement changes of software. Based on our experimental findings, we noticed that, when integrating SB, it is quite feasible to develop secure software using an agile Scrum model.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
Imran Ghani, Zulkarnain Azham and Seung Ryul Jeong, "Integrating Software Security into Agile-Scrum Method," KSII Transactions on Internet and Information Systems, vol. 8, no. 2, pp. 646-663, 2014. DOI: 10.3837/tiis.2014.02.019

[ACM Style]
Ghani, I., Azham, Z., and Jeong, S. R. 2014. Integrating Software Security into Agile-Scrum Method. KSII Transactions on Internet and Information Systems, 8, 2, (2014), 646-663. DOI: 10.3837/tiis.2014.02.019