Change search
ReferencesLink to record
Permanent link

Direct link
Security Engineering and eXtreme Programming: An Impossible Marriage?
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2004 (English)Conference paper (Other academic)
Abstract [en]
Agile methods, such as eXtreme Programming (XP), have been criticised for being inadequate for the development of secure software. In this paper, we analyse XP from a security engineering standpoint, to assess to what extent the method can be used for development of security critical software. This is done by analysing XP in the light of two security engineering standards; the Systems Security Engineering-Capability Maturity Model (SSE-CMM) and the Common Criteria (CC). The result is that XP is more aligned with security engineering than one might think at first. However, XP also needs to be tailored to better support and to more explicitly deal with security engineering issues. Tailoring XP for secure software development, without removing the agility that is the trademark of agile methods, may be a solution that would make XP more compatible with current security engineering practices.
Place, publisher, year, edition, pages
URN: urn:nbn:se:su:diva-38473OAI: diva2:310347
XPAU'04Available from: 2010-04-13 Created: 2010-04-13

Open Access in DiVA

No full text

By organisation
Department of Computer and Systems Sciences

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 29 hits
ReferencesLink to record
Permanent link

Direct link