Integrating Security into Agile Software Development Methods
Tran Nguyen
Information System Analysis, Fall 2015
Dr. Sauter
Table of Contents
1. Introduction
2. The importance of integrating security into agile methodologies
2.1. Overview about agile methodologies
2.2. Overview of Information Security (InfoSec)
2.3. Issues of integrating security into Agile Development Methodologies
3. The suggested integration of security activities into Agile Methodologies
3.1. Scrum
3.1.1. Overview of Scrum
3.1.2. The Proposed Secure Methodology for Scrum (Secure Scrum)
3.1.3. Evaluation of Secure Scrum
3.2. Dynamic Systems Development Method
3.2.1. Overview of Dynamic Systems Development Method
3.2.2. The Proposed Secure Methodology for Dynamic Systems Development Method (Incorporating SQUARE steps into a DSDM process and Secure Dynamic System Development Method)
3.2.3. Evaluation of "Incorporating SQUARE steps into a DSDM process" and "Secure Dynamic System Development Method"
3.3. Extreme Programming
3.3.1. Overview of Extreme Programming
3.3.2. The Proposed Secure Methodology for Extreme Programming (Inbuilt Security and Role-based Extreme Programming)
3.3.3. Evaluation of Inbuilt Security and Role-based Extreme Programming
4. Conclusion
Table of Figures
Bibliography
1. Introduction
In the 1990s, in reaction to the heavyweight software development methods, many lightweight methods such as Extreme Programming, Dynamic Systems Development Method, Scrum and Crystal Clear were developed as alternatives to the traditional method. In 2001, representatives of these lightweight methods united and published the Agile Manifesto. Since then, software development methods under the umbrella of the Agile Manifesto have become popular. However, because the Agile methods were developed more than ten years ago, several newer IT concerns, especially information system security, are not included in the framework. To avoid threats associated with information security, security needs to be integrated into Agile Software Development Methodologies. This paper will explore techniques for integrating security into Agile Software Development methods. In order to understand how the techniques work, the paper will first introduce an overview of agile methods, information security, Scrum, Dynamic Systems Development Method and Extreme Programming. This will be followed by a review of recent studies about integrating security into three agile methods (Scrum, Dynamic Systems Development Method and Extreme Programming). The paper will conclude with an evaluation of the different techniques for integrating security into each agile method.
2. The importance of integrating security into agile methodologies
2.1. Overview about agile methodologies
Agile Methodologies are software development methodologies that follow the Manifesto for Agile Software Development. The Agile Manifesto (Beck, et al., 2001) states that:
"We are uncovering better ways of developing software by doing it and helping others do it. Through this work we have come to value:
• Individuals and interactions over processes and tools
• Working software over comprehensive documentation
• Customer collaboration over contract negotiation
• Responding to change over following a plan
That is, while there is value in the items on the right, we value the items on the left more."
The main difference between Agile methods and the traditional waterfall method is the structure of the development. In the waterfall method, all product features and requirements follow a sequential design process. In the Agile development methods, the pro…
Agile is a popular approach in software development. According to the Spring 2014 DDJ State of the IT Union Survey (Scott Ambler + Associates, 2014), compared to other development methodologies like Ad hoc, Lean and Traditional, Agile methodologies provide better results in return on investment, quality, stakeholder satisfaction, team morale, and delivery time. It is one of the three software development methodologies with the highest success rates (Scott Ambler + Associates, 2013). There are various methodologies that apply the values of the Agile Manifesto. The popular agile methodologies are Scrum, Extreme Programming, Rational Unified Process, Dynamic System Development Method and Feature Driven Development. Each method or technique has its own strengths and weaknesses. Depending on the characteristics of the system, the development team will choose an appropriate method or combine several methods.
2.2. Overview of Information Security (InfoSec)
Information Systems Security is "the protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, and against the denial of service to authorized users, including those measures necessary to detect, document, and counter such threats" (Kissel, 2013). To evaluate information systems security, the C.I.A. triangle has been the classic industry standard for computer security since the development of the mainframe (Whitman & Mattord, 2014). The C.I.A. triangle includes three attributes of information security: confidentiality, integrity and availability.
• Confidentiality: the information is protected from unauthorized individuals or systems.
• Integrity: the information remains whole, complete and uncorrupted.
• Availability: the information can be accessed by authorized users in the right format without interference or obstruction.
Figure 1 Components of Information Security (Whitman & Mattord, 2014)
If information security is described as a house, the C.I.A. triangle is the foundation of the house. Components of information security such as Computer Security, Data Security and Network Security are built on confidentiality, integrity and availability. In order to maintain a securely built system, Information Security Governance, including the management of information security and policy, needs to be implemented continuously.
2.3. Issues of integrating security into Agile Development Methodologies
There are several issues that an Agile team has to overcome when integrating security into Agile Software Development:
• The pressure of short iterations (Bartsch, 2011) (Securosis, 2013). The short time of each iteration in Agile software development (only a few weeks) is not enough to do the necessary tests.
• Lack of information security knowledge (Securosis, 2013). Many programmers do not have enough knowledge about security problems. As a result, these programmers prefer to ignore security problems.
• Lack of security awareness (Bartsch, 2011). In point of fact, security issues need to be discussed when developing requirements. However, customers are often not concerned about security because information security cannot help the pro…
• … need customer interaction (Keramati & Mirian-Hosseinabadi, 2008).
3. The suggested integration of security activities into Agile Methodologies
Although Agile Methodologies share common principles, each Agile Methodology has different ways to integrate security. This paper focuses on three agile software development methods: Scrum, Extreme Programming, and Dynamic Systems Development Method. Because only one or two techniques for integrating security are introduced for each method, many techniques are missing from this paper.
3.1. Scrum
3.1.1. Overview of Scrum
Scrum is a framework that uses fixed time-boxes of one month or less, called Sprints (Schwaber & Sutherland, 2013). When a Sprint ends, the next Sprint starts, until the product is finished. In the Scrum framework, the Scrum Team works through Scrum Events to produce Scrum Artifacts.
The Scrum Team consists of the Product Owner, the Scrum Master and the Development Team.
• The Product Owner is the person who is responsible for the result of the development.
• The Development Team is a group of people with different functional expertise working toward the system development.
• The Scrum Master is responsible for ensuring the Scrum Team works successfully and for liaising with stakeholders outside the team. The Scrum Master has no management authority.
In order to ensure every aspect of the process is visible to all Scrum Team members, Scrum Artifacts are designed and modified in each phase of the process. Three common Scrum Artifacts are the Product Backlog, the Sprint Backlog and the Burn-down Chart. The Product Backlog is an ordered list of requirements, desired functions and features of the product. The Product Backlog is created in the early phase by the Product Owner and it might be changed during the development process (Schwaber & Sutherland, 2013). From the Product Backlog, a set of selected items becomes the Sprint Backlog. The Sprint Backlog can be considered the goal of the Sprint. After a task or a Sprint is done, the progress is recorded in a Burn-down Chart (James, 2012). The Scrum Team has to work through several events until all tasks in the Sprint Backlog are completed. Typically, each Sprint has four events: Sprint Planning, Daily Scrum, Sprint Review and Sprint Retrospective. Sprint Planning is when the Product Owner, Scrum Master and Development Team design the Sprint Backlog and decide how they can get the work done. Every day, the Development Team has a daily meeting facilitated by the Scrum Master. In the Daily Scrum, team members report what they did the previous day, what their obstacles are and what they will do that day. At the end of the Sprint, the Sprint Review is held to demonstrate the working product increments. Before starting a new Sprint, the Sprint Retrospective is a meeting for the Scrum Master and Development Team to inspect themselves and create the improvement plan for the next Sprint (James, 2012).
Figure 2. The Scrum Life Cycle (MM1, 2012)
3.1.2. The Proposed Secure Methodology for Scrum (Secure Scrum):
There are several methodologies for integrating security into the Scrum framework. Veracode suggested two ways: the Security Sprint approach and the Every-Sprint approach. In the Every-Sprint approach, the security user stories are included in every Sprint. The main problem of this method is the requirement of a security expert in the Scrum development team, which is costly. In the Security Sprint approach, security user stories are analyzed and developed in a distinct Sprint. This approach might delay the development process. Mougouei, Sani, and Almasi (2013) proposed a security-enhanced version of Scrum, which is called S-Scrum. They added "Spikes" as a Scrum Event in the Scrum Process. This version changed the simple structure of the S-Scrum framework. One of the lightest and simplest methods is Secure Scrum. "Secure Scrum is a variation of the Scrum framework with special focus on the development of secure software throughout the whole software development progress" (Pohl & Hof, 2015). Secure Scrum has four components: Identification, Implementation, Verification and Definition of Done. These four components are integrated with six Scrum parts to increase the security of software development. The heart of Secure Scrum is the use of S-Tags and S-Marks.
Figure 3 Integration of Secure Scrum components into standard Scrum (Pohl & Hof, 2015)
The Identification Component identifies security issues through the user stories of the Product Owner and stakeholders. Then the security-relevant user stories are ranked by their risk and marked in the Product Backlog. The marker is called an S-Mark, which can be a sticker, a dot or a colored background. Based on the marked user stories, a list of S-Tags is created. An S-Tag describes a security concern. An S-Tag might affect one or many Product Backlog Items. In other words, several Product Backlog Items might share the same security concern. Because Product Backlog Items can change over time to adapt to the development process, S-Tags can be modified when refining the Product Backlog or planning a new Sprint.
Figure 4 Usage of S-Tags to mark user stories in the Product Backlog and to connect user stories to descriptions of security related issues (Pohl & Hof, 2015)
The Implementation Component is used to ensure the security awareness of the development team. As long as a user story is marked with an S-Mark, its S-Tags must be handled. In some cases, S-Tags can be divided into tasks. These tasks must also be marked with an S-Mark. The Verification Component is a part of the task. It ensures that the team member has checked the security issues of S-Marked tasks. The Verification Component is a part of the Definition of Done and is managed within the Daily Scrum meeting. In some cases, the team members do not have enough knowledge or time to verify the security issues of the product and they need external resources. In that case the task cannot be done and a new verification task is created. The new task inherits the S-Mark and all S-Tags from the original task. External resources can help the Scrum Team by enhancing knowledge, solving challenges and providing an external view on this task. The Definition of Done Component ensures that the verification of the security has been carried out by either internal or external resources.
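As an added example (not the paper's code and not Pohl & Hof's own tooling), the Python model below makes the S-Mark/S-Tag bookkeeping and the Definition of Done gate concrete: stories carry S-Marks and S-Tags, tasks split from them inherit both, a task escalated to external resources spawns a verification task that inherits the S-Mark and all S-Tags, and the Definition of Done refuses an S-Marked task that has not been verified. The class, field and method names, the S-Tag ids and the sample stories are assumptions.

```python
# Added illustration of Secure Scrum bookkeeping (Pohl & Hof): S-Marks on
# stories and tasks, S-Tags shared between backlog items, tasks inheriting
# both, and a Definition of Done that will not close an S-Marked task until
# it is verified. Names, fields and sample stories are assumptions.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class Task:
    title: str
    s_mark: bool = False
    s_tags: Set[str] = field(default_factory=set)
    verified_by: Optional[str] = None  # "internal" or "external" once checked


@dataclass
class BacklogItem:
    title: str
    risk: int = 0  # used to rank S-Marked stories in the Product Backlog
    s_mark: bool = False
    s_tags: Set[str] = field(default_factory=set)
    tasks: List[Task] = field(default_factory=list)


class SecureBacklog:
    def __init__(self) -> None:
        self.items: List[BacklogItem] = []
        self.s_tags: Dict[str, str] = {}  # S-Tag id -> security concern

    # Identification component: mark a security-relevant story, rank it by
    # risk and link it to the S-Tags (concerns) it shares with other items.
    def mark(self, item: BacklogItem, risk: int, **tags: str) -> None:
        item.s_mark, item.risk = True, risk
        for tag_id, concern in tags.items():
            self.s_tags.setdefault(tag_id, concern)
            item.s_tags.add(tag_id)

    def ranked_security_items(self) -> List[BacklogItem]:
        marked = [i for i in self.items if i.s_mark]
        return sorted(marked, key=lambda i: i.risk, reverse=True)

    # Implementation component: a task split from a marked story carries the
    # S-Mark and the S-Tags of that story.
    @staticmethod
    def split_task(item: BacklogItem, title: str) -> Task:
        task = Task(title, s_mark=item.s_mark, s_tags=set(item.s_tags))
        item.tasks.append(task)
        return task

    # Verification component: record who checked the security issues.
    @staticmethod
    def verify(task: Task, by: str) -> None:
        if by not in ("internal", "external"):
            raise ValueError("verification must be internal or external")
        task.verified_by = by

    # Team lacks knowledge or time: open a new verification task that inherits
    # the S-Mark and every S-Tag of the original task (external help allowed).
    @staticmethod
    def escalate(item: BacklogItem, task: Task) -> Task:
        follow_up = Task("Verify: " + task.title, task.s_mark, set(task.s_tags))
        item.tasks.append(follow_up)
        return follow_up

    # Definition of Done: an S-Marked task is done only once it is verified.
    @staticmethod
    def definition_of_done(task: Task) -> bool:
        return not task.s_mark or task.verified_by is not None


def demo() -> dict:
    """Constructed sample backlog; returns the outcomes worth checking."""
    backlog = SecureBacklog()
    login = BacklogItem("As a user I can log in with my password")
    export = BacklogItem("As an admin I can export customer records")
    theme = BacklogItem("As a user I can pick a dashboard colour theme")
    backlog.items.extend([login, export, theme])
    backlog.mark(login, 8, ST1="credentials never stored or logged in clear")
    backlog.mark(export, 9, ST1="credentials never stored or logged in clear",
                 ST2="privileged actions need an authorisation check")
    hashing = backlog.split_task(login, "Hash passwords with a slow KDF")
    picker = backlog.split_task(theme, "Add theme selector")
    premature = backlog.definition_of_done(hashing)  # False: not verified
    review = backlog.escalate(login, hashing)        # hand to external help
    backlog.verify(review, "external")
    return {
        "top_risk": backlog.ranked_security_items()[0].title,
        "shared_tag_items": len([i for i in backlog.items if "ST1" in i.s_tags]),
        "unmarked_task_done": backlog.definition_of_done(picker),
        "premature": premature,
        "inherited": review.s_mark and review.s_tags == {"ST1"},
        "review_done": backlog.definition_of_done(review),
    }
```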
3.1.3. Evaluation of Secure Scrum:
The advantages of Secure Scrum (Pohl & Hof, 2015) over the other secure Scrum methods are:
• Increasing the security awareness of team members during the development process.
• Minimizing the cost of hiring an IT security expert for the development team.
• Providing external security resources when necessary.
Secure Scrum solves two issues of integrating security into agile methods: lack of security knowledge and lack of security awareness. However, when identifying security issues, there is no security expert present. Problems related to security might not be recognized until the verification phase. The late presence of a security expert can cause many problems, such as deficient security identification or the wrong direction while doing the security tasks.
3.2. Dynamic Systems Development Method
3.2.1. Overview of Dynamic Systems Development Method
Dynamic Systems Development Method (DSDM) is an agile development framework that delivers the right solution at the right time (DSDM Consortium, 2015). DSDM is built on Rapid Application Development. Thus, DSDM aims to minimize the time needed to develop the system. In a DSDM Team, there are many roles related to the management view, the business view, the technical view and the process view. A person can handle one or more roles. According to the newest version of the DSDM Agile Pro…
• The Project-level Roles include Business Sponsor, Business Visionary, Technical Coordinator, Pro…
• The Solution Development Team Roles are Business Ambassador, Solution Developer, Solution Tester, Business Analyst and Team Leader. Their responsibility is developing the system based on the direction of the Pro…
Orange: Roles representing the business view
Green: Roles representing the technical/solution view
Blue: Roles representing the management/leadership view
Grey: Roles representing the process view
Figure 5 Dynamic Systems Development Method Team Model (DSDM Consortium, 2014)
The Dynamic System Development Method has evolved, and there are several differences between the original version and the newer versions. Since the original model is widely used in practice and in theoretical research, this paper uses the Dynamic Systems Development Method life cycle version 4.2 developed by the DSDM Consortium. This version is described as "Three pizzas and a cheese". It has five phases: Pre-Pro…
Figure 6 The DSDM Life Cycle (Messenger, 2006)
3.2.2. The Proposed Secure Methodology for Dynamic Systems Development Method (Incorporating SQUARE steps into a DSDM process and Secure Dynamic System Development Method):
Like other agile software development methodologies, the Dynamic System Development Method does not pay attention to security issues. Research articles about the integration of security into DSDM are very limited. Based on the research on the presence of software security concerns in existing Agile practices including DSDM (Sani, Firdaus, Jeong, & Ghani, 2013), only one forum (DSDM Consortium, 2002) mentioned security in the Dynamic System Development Method. One proposed technique is fitting SQUARE (Security Quality Requirements Engineering) into the Dynamic System Development Method framework (Mead, Viswanathan, & Zhan, 2008). SQUARE is a process that builds up the security requirements for information system development. The SQUARE model has nine steps, and Mead, Viswanathan, & Zhan (2008) combined the nine steps into the Business Study and Functional Model Iteration of DSDM. The table below summarizes how SQUARE is incorporated into DSDM:
Table 1 Incorporating SQUARE Steps into a DSDM Process (Mead, Viswanathan, & Zhan, 2008)
DSDM Phase: Business study
• Agree on definitions (Step 1): The requirements engineering team and pro…
• … Security goals for the pro…
• Categorize requirements as to level (system, software) and whether they are requirements or other kind of constraints (Step 7): Categorize the elicited security requirements.
• Prioritize security requirements (Step 8): The categorized security requirements are prioritized. Prioritizing techniques such as the Analytical Hierarchical Process can be used.
• Requirements inspection (Step 9): The second milestone review process of RUP should include inspection of the security requirements.
DSDM Phase: Functional model iteration
• Perform risk assessment (Step 4): This step is revisited to develop a revised risk list. Additional security risks are captured and risks are prioritized. Perform Steps 6, 7, 8, and 9 if new risks arise out of Step 4.
The limitation of this technique is that it focuses only on security requirements in the early phases of DSDM (Business Study Phase). In contrast with the "Incorporating SQUARE steps into a DSDM process" technique, Sani, Shani, and Jeong (2013) added security phases and sub-phases in later phases of the DSDM framework. They called the extended framework Secure Dynamic Systems Development Method (SDSDM). There are four extensions in SDSDM:
• Adding a new sub-phase "Identify security concerns/issues" in the Functional Model Iteration phase
• Adding a new phase "Secure Design"
• Adding a new phase "Secure Functional Model Iteration"
• Adding some security elements in the Implementation phase
Figure 7 Secure Dynamic Development Method Life Cycle (Sani, Shani, & Jeong, Secure Dynamic System Development Method (SDSDM): Model for Secure Software Development, 2013)
Initially, security issues are discussed in the general Functional Model Iteration. Identifying the functional prototype and identifying security concerns are performed simultaneously. Then, two phases, the Secure Design phase and the Secure Functional Model phase, are added to the development process. The Secure Functional Model phase is performed after the Functional Model Iteration and Secure Design is performed after the Design and Build phase. Basically, the Secure Design phase and the Secure Functional Model Iteration phase are the Functional Model Iteration and the Design and Build Iteration focused on security activities. These two new phases have the same structure with 4 sub-phases: Identify Prototype, Agree Plan, Create Prototype, and Review Prototype. Because running a secure system needs professional knowledge, training courses for users are highly encouraged in the Implementation phase. When using the system, the users will review the security of the system and help the developers recognize security issues.
3.2.3. Evaluation of "Incorporating SQUARE steps into a DSDM process" and "Secure Dynamic System Development Method":
SQUARE is a process model for eliciting, categorizing, and prioritizing security requirements for information technology systems and applications. By incorporating SQUARE into DSDM, the security requirements are built comprehensively in the Business Study. Moreover, the security requirements are revised in the Functional Model Iteration. As a result of this method, the security requirements are fully developed. Unfortunately, security requirements alone cannot ensure the implementation of security tasks in the later phases. In contrast with "Incorporating SQUARE steps into a DSDM process", the Secure Dynamic System Development Method adds security-relevant elements to the later phases of DSDM. The Secure Dynamic System Development Method does not discuss details of analyzing the security issues. With the two new phases "Secure Design" and "Secure Functional Model", security code is built and tested during the development process. The innovative features of the Secure Dynamic System Development Method are security training and security review in the Implementation phase.
Since security tests cannot be handled in the short time of an iteration, the help of users during implementation is a solution for finding errors and improving the security of products. "Incorporating SQUARE steps into a DSDM process" and "Secure Dynamic System Development Method" can be combined to create a framework for integrating security into DSDM. First, security requirements are developed in the Business Study phase and revised in the Functional Model Iteration. Then security tasks are built, tested and reviewed using the Secure Dynamic System Development Method.
3.3. Extreme Programming
3.3.1. Overview of Extreme Programming
Extreme Programming is a lightweight methodology for developing software in the face of vague or rapidly changing requirements, based on addressing the constraints of software development (Beck & Andres, Extreme Programming Explained: Embrace Change, 2004). There are a number of roles in an Extreme Programming team: programmer, customer, tester, tracker, coach, consultant, and big boss (Beck, Extreme Programming Explained: Embrace Change, 1999). Among these roles, programmer, customer, coach and tracker are must-have roles in the team. A person can have more than one role, but they have to be aware which hat they are wearing.
• The programmer is a person working directly with the program. They can be the only technical people in the team. In Extreme Programming, the programmer has to communicate with other people, including technical people and business people.
• The customer is the one who knows what to program. Unlike customers in other frameworks, an Extreme Programming customer has to learn skills like story writing, functional testing and decision making.
• The tracker is the conscience of the team. They monitor the working progress and give feedback.
• The coach is the person who is responsible for the process as a whole. The coach guides the team to work better but ensures that the team can work independently.
There are twelve ma…
• The Planning Game: The scope of the next release is identified by combining business requirements (Scope of the pro…
• Continuous Integration: Every time a task is completed, the programmers have to integrate their changes into the system and run the tests.
• 40-Hour Week: Overtime working is highly discouraged. Working more than 40 hours a week for many weeks can reduce the creativity, the carefulness and the confidence of team members.
• On-site Customer: There should be a real user on the team. They are available to answer all questions and help to build a successful system.
• Coding Standards: Programmers follow the rules of code and communication.
The twelve practices support each other. Each practice is described as a puzzle piece and Extreme Programming is a …
Figure 8 The Extreme Programming Practices support each other (Beck, Extreme Programming Explained: Embrace Change, 1999)
3.3.2. The Proposed Secure Methodology for Extreme Programming (Inbuilt Security and Role-based Extreme Programming)
According to the literature review of Software Security Engineering in Extreme Programming Methodology (Ghani & Yasin, Software Security Engineering in Extreme Programming Methodology: A Systematic Literature Review, 2013), although some researchers do agree that security elements can be integrated into Extreme Programming, there are few specific research studies about secure Extreme Programming. Two notable research studies about integrating security into Extreme Programming are "Role-based Extreme Programming (XP) for Secure Software Development" (Ghani, Izzaty, & Firdaus, Role-based Extreme Programming (XP) for Secure Software Development, 2013) and "Improved Extreme Programming Methodology with Inbuilt Security" (S., Norwawi, Selamat, & Sharif, 2011). According to Ghani et al. (2013), adding security elements to the Extreme Programming framework without a security expert is not effective. They introduced a new role in Extreme Programming called "Security Master". A Security Master is responsible for the security of the developed software. Fundamentally, a Security Master is a Programmer who focuses on security elements.
Figure 9 Ten Extreme Programming Practices of a Security Master (Ghani, Izzaty, & Firdaus, Role-based Extreme Programming (XP) for Secure Software Development, 2013)
The Security Master is involved in ten Extreme Programming practices: planning game, metaphor, coding standard, simple design, small release, continuous integration, pair programming, collective code ownership, 40 hours per week and refactoring. Figure 9 summarizes the working progress of a Security Master. First of all, the Security Master lists security requirements and adds security elements to the metaphor. Like other programmers in Extreme Programming, they work 40 hours a week, program in security pairs, and integrate the code every time a task is completed. If the design is not good enough, they have the responsibility to refactor. Different from programmers who do unit tests and customers who do functional tests, the Security Master has to do security tests in the Testing phase. Inbuilt Security is another way of integrating security into Extreme Programming (S., Norwawi, Selamat, & Sharif, 2011). The method behind Inbuilt Security is adding security-relevant elements to eleven of the twelve practices of the Extreme Programming framework:
• Whole Team (On-site Customer): a customer in Extreme Programming is not only a purchaser but also a user. The customer helps the Extreme Programming team list misuse cases and review security policies.
• Planning Game: Business people consider security issues and redefine the system requirements. Based on the security-relevant system requirements, the team splits tasks into smaller units.
• Simple Design: Stating the intention of the programmer clearly is a part of simple design. For that reason, the security specification should be clarified.
• Design Improvement (Refactoring): Executing a risk assessment for vulnerabilities is one way to revise the product and improve the design.
• Coding Standards: Standardized code for security ensures that the other Extreme Programming practice, Collective Code Ownership, can be achieved.
• Pair Programming: Like other functions, security code has many errors, and working in pairs can reduce the possibility of errors.
• Collective Code Ownership: To support others editing the code later, standardized and immune code is used in security alignment.
• Metaphor: In the metaphor, functions that have security implications should be noticed and separated.
• Test-Driven Development (Testing): Tests and feedback on vulnerabilities give some level of security assurance. Automated tools are used for security compliance analysis and portfolio analysis.
• Continuous Integration: Integrating with the system helps the programmer recognize errors, including security errors, and fix them soon.
• Small Release: small releases enable customers and programmers to control the fulfillment of the security requirements of each release.
3.3.3. Evaluation of Inbuilt Security and Role-based Extreme Programming
Inbuilt Security and Role-based Extreme Programming have different approaches. Both methods keep the core concepts of Extreme Programming. The development process of Extreme Programming is unchanged. The Inbuilt Security method emphasizes the insertion of security-relevant tasks into the practices of Extreme Programming. This method does not mention a new team member. An Extreme Programming team without a security expert may be prevented from accomplishing the security tasks. Furthermore, some practices of Extreme Programming conflict with the requirements of security activities. For example, the involvement of business people in threat modelling can cause an overload of …
4. Conclusion
As the number of software systems hit by cyber attacks is skyrocketing, building security into software development has become an essential part of software development processes. The Agile approach is one of the most popular software development approaches, and methodologies using this approach need to be modified to adapt to the increasing threats and vulnerabilities of information systems. Many researchers around the world are developing secure agile methodologies based on the existing Agile methodologies. This paper introduced Secure Scrum, Secure Dynamic System Development Method, SQUARE in Dynamic System Development Method, Role-based Extreme Programming, and Inbuilt Security in Extreme Programming. Secure Scrum suggests security marks and tags on user stories, backlogs and tasks. The Secure Dynamic System Development Method offers new phases and sub-phases in the Dynamic System Development Method Life Cycle. SQUARE in Dynamic System Development Method proposes SQUARE steps included in the Business Study phase. Role-based Extreme Programming recommends a new team member, the Security Master. Inbuilt Security in Extreme Programming adds security-relevant elements to Extreme Programming practices. Although several issues of integrating security into agile methodologies are solved, those methods have many limitations. Combining related methods can eliminate some weaknesses and improve the existing methods.
Table of Figures
Figure 1 Components of Information Security (Whitman & Mattord, 2014)
Figure 2 The Scrum Life Cycle (MM1, 2012)
Figure 3 Integration of Secure Scrum components into standard Scrum (Pohl & Hof, 2015)
Figure 4 Usage of S-Tags to mark user stories in the Product Backlog and to connect user stories to descriptions of security related issues (Pohl & Hof, 2015)
Figure 5 Dynamic Systems Development Method Team Model (DSDM Consortium, 2014)
Figure 6 The DSDM Life Cycle (Messenger, 2006)
Figure 7 Secure Dynamic Development Method Life Cycle (Sani, Shani, & Jeong, Secure Dynamic System Development Method (SDSDM): Model for Secure Software Development, 2013)
Figure 8 The Extreme Programming Practices support each other (Beck, Extreme Programming Explained: Embrace Change, 1999)
Figure 9 Ten Extreme Programming Practices of a Security Master (Ghani, Izzaty, & Firdaus, Role-based Extreme Programming (XP) for Secure Software Development, 2013)
Bibliography
Bartsch, S. (2011). Practitioners' Perspectives on Security in Agile Development. 2011 Sixth International Conference on Availability, Reliability and Security. IEEE.
Beck, K. (1999). Extreme Programming Explained: Embrace Change (1st ed.). Addison-Wesley.
Beck, K., Andres, C. (2004). Extreme Programming Explained: Embrace Change (2nd ed.). Addison-Wesley.
Beck, K., Beedle, M., Bennekum, A. v., Cockburn, A., Cunningham, W., Fowler, M., ... Thomas, D. (2001). Retrieved from AgileManifesto.Org: http://www.agilemanifesto.org/
DSDM Consortium. (2008). Overview of DSDM version 4.2. Retrieved from DSDM Web site: http://www.dsdm.org/version4/2/public/OverviewofDSDM.asp
DSDM Consortium. (2014). The DSDM Agile Project Framework. Retrieved from DSDM Web site: http://www.dsdm.org/dig-deeper/book/roles-and-responsibilities
DSDM Consortium. (2015). What is DSDM? Retrieved from DSDM web site: http://www.dsdm.org/content/what-dsdm
Ghani, I., Yasin, I. (2013, April). Software Security Engineering in Extreme Programming Methodology: A Systematic Literature Review. Science International 25(2), 215.
Ghani, I., Izzaty, N., Firdaus, A. (2013, January). Role-based Extreme Programming (XP) for Secure Software Development. Science International, 11.
James, M. (2012). Scrum Reference Card. Retrieved from CollabNet Web site: http://www.collab.net/sites/default/files/uploads/CollabNetscrumreferencecard.pdf
Keramati, H., Mirian-Hosseinabadi, S. H. (2008). Integrating Software Development Security Activities with Agile Methodologies. 2008 IEEE/ACS International Conference on Computer Systems and Applications (pp. 49-54). IEEE.
Kissel, R. (2013, May). Glossary of Key Information Security Terms. Retrieved from National Institute of Standards and Technology: http://nvlpubs.nist.gov/nistpubs/ir/2013/NIST.IR.7298r2.pdf
Mead, N. R., Viswanathan, V., Zhan, J. (2008). Incorporating Security Requirements Engineering into Standard Lifecycle Processes. International Journal of Security and its Applications 2(4), 67.
Messenger, S. (2006). Introduction to DSDM. Retrieved from Slideshare: http://www.slideshare.net/nash implementation-of-scrum-published-by-mm1-consulting-management/
Mougouei, D., Sani, N. F., Almasi, M. M. (2013). S-Scrum: a Secure Methodology for Agile Development of Web Services. World of Computer Science and Information Technology Journal (WCSIT) 3(1), 15-19.
Plaa, L. (2015, January 21). Difference between Product Backlog and Sprint Backlog. Retrieved from Management Plaa Company Web site: http://mplaa.pm/difference-between-product-backlog-and-sprint-backlog/
Pohl, C., Hof, H.-J. (2015). Secure Scrum: Development of Secure Software with Scrum. arXiv.
S., B. M., Norwawi, N. M., Selamat, M. H., Sharif, K. Y. (2011). Improved Extreme Programming Methodology with Inbuilt Security. 2011 IEEE Symposium on Computers & Informatics (pp. 49). IEEE.
Sani, A., Firdaus, A., Jeong, S. R., Ghani, I. (2013, May). A Review on Software Development Security Engineering using Dynamic System Method (DSDM). International Journal of Computer Applications 69(25).
Sani, A., Shani, I., Jeong, S. R. (2013). Secure Dynamic System Development Method (SDSDM): Model for Secure Software Development. Journal of Science International Lahore Special Issue, 15914.
Schwaber, K., Sutherland, J. (2013, July). The Definitive Guide to Scrum: The Rules of the Game. Retrieved from The Scrum Guide: http://www.scrumguides.org/docs/scrumguide/v1/Scrum-Guide-US.pdf#zoom=100
Scott Ambler + Associates. (2013). 2013 IT Project Success Rates Survey Results. Retrieved November 13, 2015, from Ambysoft: http://www.ambysoft.com/surveys/success2013.html
Scott Ambler + Associates. (2014). Software Development at Scale: Results from the Spring 2014 DDJ State of the IT Union Survey. Retrieved November 13, 2015, from Ambysoft: http://www.ambysoft.com/surveys/stateOfITUnion201402.html#Results
Securosis. (2013, November 3). Secure Agile Development. Retrieved November 12, 2015, from Securosis, L.L.C.: https://securosis.com/assets/library/reports/SecureAgileDevelopmentNov2014FINAL.pdf
Stapleton, J. (1997). DSDM Dynamic Systems Development Method: The Method in Practice. Addison-Wesley.
Veracode. (2010). Agile Security: Successful Application Security Testing for Agile Development. Retrieved November 5, 2015, from https://www.veracode.com/sites/default/files/[email protected]/Whitepapers/whitepaper-agile-security.pdf
Whitman, M., Mattord, H. (2014). Principles of Information Security (5th ed.). Cengage Learning.