A spiral model of software development and enhancement
ACM SIGSOFT Software Engineering Notes
Java security: hostile applets, holes&antidotes
Java security: hostile applets, holes&antidotes
Property-based testing: a new approach to testing for assurance
ACM SIGSOFT Software Engineering Notes
Software fault injection: inoculating programs against errors
Software fault injection: inoculating programs against errors
Securing Java: getting down to business with mobile code
Securing Java: getting down to business with mobile code
Security engineering in an evolutionary acquisition environment
Proceedings of the 1998 workshop on New security paradigms
Adaptive software development: a collaborative approach to managing complex systems
Adaptive software development: a collaborative approach to managing complex systems
Agile software development
Secure systems development based on the common criteria: the PalME project
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Strengthening the Case for Pair Programming
IEEE Software
Specification-Based Test Generation for Security-Critical Systems Using Mutations
ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
ITS4: A static vulnerability scanner for C and C++ code
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Software development and proofs of multi-level security
ICSE '76 Proceedings of the 2nd international conference on Software engineering
Static verification and extreme programming
Proceedings of the 2003 annual ACM SIGAda international conference on Ada: the engineering of correct and reliable software for real-time & distributed systems using ada and related technologies
Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
Refactoring to Patterns
Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-Wesley Professional Computing Series)
Extending XP practices to support security requirements engineering
Proceedings of the 2006 international workshop on Software engineering for secure systems
Towards Agile Engineering of High-Integrity Systems
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Secure Software Engineering: Learning from the Past to Address Future Challenges
Information Security Journal: A Global Perspective
Security-oriented program transformations
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Agile security issues: an empirical study
Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement
Agile development with security engineering activities
Proceedings of the 2011 International Conference on Software and Systems Process
Agile security using an incremental security architecture
XP'05 Proceedings of the 6th international conference on Extreme Programming and Agile Processes in Software Engineering
A survey of test notations and tools for customer testing
XP'05 Proceedings of the 6th international conference on Extreme Programming and Agile Processes in Software Engineering
Security planning and refactoring in extreme programming
XP'06 Proceedings of the 7th international conference on Extreme Programming and Agile Processes in Software Engineering
Agile Software Development: The Straight and Narrow Path to Secure Software?
International Journal of Secure Software Engineering
Experiences by using AFFINE for building collaborative applications for online communities
OCSC'13 Proceedings of the 5th international conference on Online Communities and Social Computing
| Hi-index | 0.00 |
Agile development methodologies are gaining acceptance in the software industry. If they are to be used for constructing security-critical solutions, what do we do about assurance? This paper examines how conventional security assurance suits agile methodologies for developing software-intensive systems. It classifies security assurance methods and techniques with regards to their clash with agile development. Suggestions are made for alleviating mismatches between these two methods.