1 |
Identification and Evaluation of Security Activities in Agile Projects: A Systematic Literature Review and Survey Study
Ayalew, Tigist; Kidane, Tigist. January 2012
Context: Today’s software development industry requires high-speed software delivery from the development team. To achieve this, organizations are moving from conventional software development methods to agile development methods while preserving customer satisfaction. Even though agile is becoming a popular development method, it has some disadvantages from a security point of view, because it imposes several constraints, such as the lack of a complete overview of the product, a higher development pace and a lack of documentation. Although a security-engineering (SE) process is necessary in order to build secure software, no SE process has been developed specifically for the agile model. As a result, SE processes that are commonly used in the waterfall model are being used in agile models. However, there is a clash between the established waterfall SE processes and the ideas and methodologies proposed by the agile manifesto: while agile models work with short development increments that adapt easily to change, the existing SE processes work in a plan-driven development setting and try to reduce defects found in a program before the occurrence of threats through a heavy and inflexible process. This study aims at bridging the gap between the agile model and security by providing an insightful understanding of the SE processes that are used in the current agile industry.

Objectives: The objectives of this thesis are to identify and evaluate security activities from high-profile waterfall SE processes that are used in the current agile industry, and then to suggest the security activities most compatible with and beneficial to the agile model, based on the study results.

Methods: The study involved two approaches: a systematic literature review and a survey. The systematic literature review has two main aims. The first is to gain a comprehensive understanding of security in an agile process model; the second is to identify high-profile SE processes that are commonly used in the waterfall model. Moreover, it helped to compare the thesis results with previous work in the area. A survey was conducted to identify and evaluate waterfall security activities that are used in current agile industry projects. The evaluation criteria were based on the integration cost of each security activity and the benefit it provides to agile projects.

Results: The results of the systematic review are organized in tabular form for clear understanding and easy analysis. High-profile SE processes and their activities are obtained. These results are used as input for the survey study. From the survey study, security activities that are used in the current agile industry are identified. Furthermore, the identified security activities are evaluated in terms of benefit and cost. As a result, the best security activities, those that are compatible with and beneficial to the agile process model, are investigated.

Conclusions: To develop secure software in an agile model, there is a need for an SE process or practice that can address security issues in every phase of the agile project lifecycle. This can be done either by integrating the most compatible and beneficial security activities from waterfall SE processes with the agile process or by creating a new SE process. In this thesis, it has been found that, of the investigated high-profile waterfall SE processes, none was fully compatible with and beneficial to agile projects.
|
2 |
Cybersecurity on the Road: Secure Software Development in the Automotive Industry (Cybersäkerhet på väg : Säker mjukvaruutveckling i fordonsindustrin)
Alfredsson, Anders. January 2023
Modern road vehicles are controlled by software to a greater degree than before, and it is also common for them to have some form of internet connection. For the vehicles to be able to meet the security requirements placed on them, it is therefore important that the software is developed in a secure way and under secure conditions. This case study uses structured interviews to examine how some people who work with software development in the automotive industry describe the work with security in the development process. The result shows that there is a range of routines and guidelines aimed at creating a secure product from a cybersecurity perspective, but that there is a tendency among some developers to rely on processes and routines when it comes to creating secure software.
|
3 |
Security Testing for Web Applications in SDLC
Srilatha, Rondla; Someshwar, Gande. January 2011
Context: In Web applications, software vulnerabilities can be reduced by applying security testing in all phases of the software development life cycle (SDLC). Many vulnerabilities might occur if security testing is applied in the last phase of the SDLC. Mitigating these vulnerabilities requires a lot of rework that involves reverse engineering in the development and design phases. To overcome this situation, organizations are shifting from security testing performed in the last phase towards security testing in the early phases of the SDLC.

Objectives: The main objectives of this thesis are to gather the benefits and challenges of security testing in the last phase versus security testing in every phase of the SDLC. After gathering them, the authors want to compare both implementations, because these days most organizations are shifting from the last phase to every phase of the SDLC. The reason can be justified through this comparison.

Methods: In order to satisfy the objectives of this thesis, a literature review and interviews were conducted. The literature review was conducted by gathering the benefits and challenges of the last phase and of every phase of the SDLC. The authors applied a coding technique to the data gathered from the literature review. Using the results from the literature review, a set of questions was framed. Based on these questions, interviews in various organizations were performed. To analyze the practitioners’ data we used a sorting and coding technique. Then, we conducted a comparative analysis to compare both results.

Results: Application of security testing in the last phase of the SDLC results in a lot of rework, which in turn leads to instability in managing the cost, time and resources in an organisation. In order to overcome this, more and more organisations are introducing security testing at each and every phase of the SDLC.

Conclusions: It can be concluded that security testing in every phase of the SDLC has more benefits than applying it in the last phase of the SDLC. To evaluate this process, more research is needed to acquire more knowledge of security testing in all phases of the SDLC. Through the literature review and the interviews conducted, it is evident that security testing at early phases causes a reduction in rework, which in turn leads to more efficient management of the cost, time and resources of a project.
|
4 |
Patterns of safe collaboration
Spiessens, Fred. 21 February 2007
When practicing secure programming, it is important to understand the restrictive influence programmed entities have on the propagation of authority in a program. To precisely model authority propagation in patterns of interacting entities, we present a new formalism, Knowledge Behavior Models (KBM). To describe such patterns, we present a new domain-specific declarative language, SCOLL (Safe Collaboration Language), whose semantics are expressed by means of KBMs. To calculate the solutions for the safety problems expressed in SCOLL, we have built SCOLLAR: a model checker and solver based on constraint logic programming.
SCOLLAR not only indicates whether the safety requirements are guaranteed by the restricted behavior of the relied-upon entities, but also lists the different ways in which their behavior can be restricted to guarantee the safety properties without precluding their required functionality and (re-)usability. How the tool can help programmers to build reliable components that can safely interact with partially or completely untrusted components is shown in elaborate examples.
|
5 |
Design of a Reconfigurable Cryptosystem for Secure Software Defined Radio (Conception d’un crypto-système reconfigurable pour la radio logicielle sécurisée)
Grand, Michaël. 02 December 2011
The research detailed in this document deals with the design and implementation of a hardware integrated circuit intended to be used as a cryptographic sub-system in secure software defined radios.

Since the early 90’s, radio systems have gradually evolved from traditional radio to software defined radio. Improvement of the software defined radio has enabled the integration of an increasing number of communication standards on a single radio device. The designer of a software defined radio faces many problems that can be summarized by the following question: How to implement a maximum of communication standards into a single radio device? Specifically, this work focuses on the implementation of cryptographic standards aimed at protecting radio communications.

Ideally, the solution to this problem is based exclusively on the use of digital processors. However, cryptographic algorithms usually require a large amount of computing power, which makes their software implementation inefficient. Therefore, a secure software defined radio needs to incorporate dedicated hardware even if this usage conflicts with the property of flexibility specific to software defined radios.

Yet, in recent years, the improvement of FPGA circuits has changed the situation. Indeed, the latest FPGAs embed a number of logic gates which is sufficient to meet the needs of the complex digital functions used by software defined radios. The possibility offered by FPGAs to be reconfigured in their entirety (or even partially for the most recent of them) makes them ideal candidates for the implementation of hardware components which have to be flexible and scalable over time.

Following these observations, research was conducted within the Conception des Systèmes Numériques team of the IMS laboratory. This work led first to the publication of an architecture for a cryptographic subsystem compliant with the security supplement of the Software Communication Architecture. Then, it continued with the design and implementation of a partially reconfigurable multi-core cryptoprocessor intended to be used in the latest FPGAs.
|