Challenges in Developing Secure Software within Agile Environments

Challenges in Developing Secure Software within Agile Environments

연구 분야: Cryptography

학회: EASE '24: Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering

Context: Agile methodologies have gained immense popularity in software development organizations for their numerous advantages, like increased flexibility and better customer satisfaction. However, integrating security measures into Agile practices presents significant challenges and complexities. Objectives: The primary goal is to identify and analyze challenges associated with developing secure software in Agile environments. This entails evaluating the validity of these challenges concerning Agile principles and secure software assurance practices. Methodology: A systematic literature review methodology was used to identify these challenges. Fifteen publications were scrutinized to identify potential challenges, resulting in the identification of 26 challenges. Results: The literature review revealed significant challenges in creating secure software within Agile contexts. Five were invalidated among the 26 potential challenges, while the remaining 21 were deemed valid and categorized. The challenges span various aspects of the development process, indicating the multifaceted nature of the issue. Conclusion: Addressing the identified challenges necessitates a dual focus on Agile methodologies and the requisites for secure software development. By acknowledging and confronting these challenges, practitioners can devise effective strategies to enhance the security of Agile software development practices. Furthermore, the findings serve as a foundation for formulating best practices in secure software development within Agile frameworks, thereby facilitating the advancement of secure software engineering methodologies.