Towards the Integration of Security Practices in Agile Software Development: A Systematic Mapping Review-Reference-Cited by-同舟云学术

Towards the Integration of Security Practices in Agile Software Development: A Systematic Mapping Review

Published:2023-04-04 Issue:7 Volume:13 Page:4578
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Valdés-Rodríguez Yolanda¹^ORCID,Hochstetter-Diez Jorge²^ORCID,Díaz-Arancibia Jaime²^ORCID,Cadena-Martínez Rodrigo³⁴^ORCID

Affiliation:

1. Universidad Autónoma de Chile, 5 Poniente, Talca 1670, Chile

2. Universidad de La Frontera, Francisco Salazar, Temuco 01145, Chile

3. Universidad Tecnológica de México, Marina Nacional 180, Anahuác I Sección, Ciudad de México 11320, Mexico

4. Universidad Americana de Europa, Av. Bonampak Sm. 6-Mz. 1, Lt. 1, Cancún, Quintana Roo 77500, Mexico

Abstract

Software development must be based on more than just the experience and capabilities of your programmers and your team. The importance of obtaining a quality product lies in the risks that can be exploited by software vulnerabilities, which can jeopardize organizational assets, consumer confidence, operations, and a broad spectrum of applications. Several methods, techniques, and models have been suggested and developed to address software security. However, only a few have solid evidence for creating secure software applications. The main objective of this paper is to survey the literature for methods or models suitable for considering the integration of security in all or some of the phases of the software development life cycle and which ones are most considered or neglected. This study represents the beginning of research to generate a methodology that integrates security practices in agile software development, allowing inexperienced developers to create more secure applications.

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/13/7/4578/pdf

Reference107 articles.

1. Smart grid communication and information technologies in the perspective of Industry 4.0: Opportunities and challenges;Faheem;Comput. Sci. Rev.,2018

2. Lee, M., Yun, J.J., Pyka, A., Won, D., Kodama, F., Schiuma, G., Park, H., Jeon, J., Park, K., and Jung, K. (2018). How to respond to the fourth industrial revolution, or the second information technology revolution? Dynamic new combinations between technology, market, and society through open innovation. J. Open Innov. Technol. Mark. Complex., 4.

3. Liou, J.C., and Duclervil, S.R. (2020). Innovations in Cybersecurity Education, Springer.

4. From the ground up: The DIMACS software security workshop;McGraw;Secur. Privacy IEEE,2003

5. Castellaro, M., Romaniz, S., Ramos, J.C., Feck, C., and Gaspoz, I. (2016, January 22–24). Aplicar el Modelo de Amenazas para incluir la Seguridad en el Modelado de Sistemas. Proceedings of the V Congreso Iberoamericano de Seguridad Informática—CIBSI, Bogota, Colombia.

Cited by 5 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Adopting security practices in software development process: Security testing framework for sustainable smart cities;Computers & Security;2024-09

2. Evolution of secure development lifecycles and maturity models in the context of hosted solutions;Journal of Software: Evolution and Process;2024-07-30

3. Agile Security Strategies;Advances in Information Security, Privacy, and Ethics;2024-06-30

4. Analysis of Strategies for the Integration of Security Practices in Agile Software Development: A Sustainable SME Approach;IEEE Access;2024

5. S-SCRUM—Methodology for Software Securitisation at Agile Development. Application to Smart University;IoT Based Control Networks and Intelligent Systems;2023-11-28