short-paper

ScrumS: a model for safe agile development

Authors:
Rene Esteves Maria

Brazilian Aeronautics Institute of Technology - ITA, Brazil

Brazilian Aeronautics Institute of Technology - ITA, Brazil
View Profile

,
Luiz Antonio Rodrigues

Federal Institute of Education, Science and Technology of Sao, Caraguatatuba, Brazil

Federal Institute of Education, Science and Technology of Sao, Caraguatatuba, Brazil
View Profile

,
Nelson Alves Pinto

Federal Institute of Education, Science and Technology of Sao, Caraguatatuba, Brazil

Federal Institute of Education, Science and Technology of Sao, Caraguatatuba, Brazil
View Profile

MEDES '15: Proceedings of the 7th International Conference on Management of computational and collective intElligence in Digital EcoSystemsOctober 2015Pages 43–47https://doi.org/10.1145/2857218.2857225

Published:25 October 2015Publication History

MEDES '15: Proceedings of the 7th International Conference on Management of computational and collective intElligence in Digital EcoSystems

Pages 43–47

ABSTRACT

The utilization of the Scrum method for software development offers major benefits to its users, such as the process acceleration and resources to deal with the instability of technological environments. Fast customer feedback and support for volatile requirement results in a higher product value, however it hinders the team in dealing appropriately with a critical aspect of every system, which is the information security. Whereas attacks have become more sophisticated that even simpler systems can be potential targets, so it is essential to treat software security within the agile method itself, in order to make it part of the process. Aiming to improve system's quality, reliability, and security, this work proposes an accessory to the Scrum agile method named ScrumS, which adds specific security techniques for a risk analysis project.

References

Version One. State of Agile Survey: The State of Agile Development. Version One, 2010.Google Scholar
Schwaber, K. Agile Project Management with SCRUM. Microsoft Press, 2004. Google ScholarDigital Library
Azham, Z., Ghani, I., and Ithnin, N. Security Backlog in Scrum Security Practices. Software Engineering (MySEC), Johor Bahru, 2011. DOI=10.1109/MySEC.2011.6140708Google ScholarCross Ref
Schneier, B. Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, New York, 2000. Google ScholarDigital Library
Pinto, N. A. A Process Model for Security Tests Using a Risk Oriented Approach. Brazilian Aeronautics Institute of Technology, Sao Jose dos Campos, Brazil, 2008.Google Scholar
Viega, J., and McGraw, G. Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley Professional, 2001. Google ScholarDigital Library
Stoneburner G., Goguen A., and Feringa, A. Risk Management Guide for Information Technology Systems. National Institute of Standards & Technology, Gaithersburg, 2002.Google ScholarCross Ref
Mougouei, D. et. al. S-Scrum: a Secure Methodology for Agile Development of Web Services. World of Computer Science and Information Technology Journal (WCSIT), 3 (1), 2013, 15--19.Google Scholar
McGraw, G. Software Security. Security & Privacy, IEEE, 2 (2), 2004, 80--83. DOI=10.1109/MSECP.2004.1281254 Google ScholarDigital Library
Highsmith, J. Agile Project Management: Creating Innovative Products. Addison-Wesley Professional, 2009, 432. Google ScholarDigital Library
Pfleeger, C., and Pfleeger S. Security in Computing. Prentice Hall Professional Technical Reference, 2002. Google ScholarDigital Library
Phan, A. and Phan, P. Scrum in Action: Agile Software Project Management and Development. Novatec, 2011, 287. Google ScholarDigital Library
Levin, T. et al. Design Principles and Guidelines for Security. Secure Core, 2007.Google Scholar
Brazilian Ministry of Education. Instrumento de Avaliacao de Cursos de Graduacao Presencial e a Distancia. Inped.gov.br, 2012. http://download.inep.gov.br/educacao_superior/avaliacao_cursos_graduacao/instrumentos/2012/instrumento_com_alteracoes_maio_12.pdf.Google Scholar
Firesmith, D. Security Use Cases. Journal of Objetct Technology, 2 (3), 2003, 53--6Google ScholarCross Ref

Recommendations

Student scrums (abstract only)
SIGCSE '12: Proceedings of the 43rd ACM technical symposium on Computer Science Education

Over the past ten years Agile software development practices have grown in acceptance and have gained a solid foothold in commercial software development. Our students are entering the workforce with an increasing percentage of companies that are using ...
Read More
Challenges Faced While Simultaneously Implementing CMMI and Scrum: A Case Study in the Tax Preparation Software Industry
ITNG '12: Proceedings of the 2012 Ninth International Conference on Information Technology - New Generations

CMMI certification is a major accomplishment for a software organization, and is often required for an organization to stay competitive. This work is a case study of the challenges faced by a growing tax preparation software company during its attempt ...
Read More
The agile requirements refinery: Applying SCRUM principles to software product management

Context: Although agile software development methods such as SCRUM and DSDM are gaining popularity, the consequences of applying agile principles to software product management have received little attention until now. Objective: In this paper, this gap ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
MEDES '15: Proceedings of the 7th International Conference on Management of computational and collective intElligence in Digital EcoSystems
October 2015
271 pages
ISBN:9781450334808
DOI:10.1145/2857218
Conference Chairs:
Richard Chbeir,
Yannis Manolopoulos,
Victor Pellegrini Mammana,
Eduardo Antonio Modena,
Program Chairs:
Agma Traina,
Oscar Salviano,
Youakim Badr,
Frederic Andres
Copyright © 2015 ACM
© 2015 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 25 October 2015
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
agile development
risk analysis
scrum
security
Qualifiers
- short-paper
Conference

Acceptance Rates
MEDES '15 Paper Acceptance Rate13of64submissions,20%Overall Acceptance Rate267of682submissions,39%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 7
  Total Citations
  View Citations
- 790
  Total Downloads
- Downloads (Last 12 months)30
- Downloads (Last 6 weeks)8
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

ScrumS: a model for safe agile development

MEDES '15: Proceedings of the 7th International Conference on Management of computational and collective intElligence in Digital EcoSystems

ABSTRACT

References

Cited By

Recommendations

Student scrums (abstract only)

Challenges Faced While Simultaneously Implementing CMMI and Scrum: A Case Study in the Tax Preparation Software Industry

The agile requirements refinery: Applying SCRUM principles to software product management