Name
Abstract | ||
|---|---|---|
With agile methodologies increasingly being applied in regulated environments, security and compliance emerge as critical issues. Combining both concerns is challenging because security engineering techniques are often based on linear development. We propose a method for achieving continuous and secure development by mapping the requirements of security standards into an agile process model. Additionally, this allows verification of compliance even in the face of dynamic process changes. Applicability of the method is demonstrated by using Business Process Model and Notation (BPMN) to model and extend activities and artifacts of Scaled Agile Framework (SAFe) according to requirements of IEC 62443-4-1, a standard for secure product development in industrial systems.
|
Year | DOI | Venue |
|---|---|---|
2018 | 10.1145/3194760.3194767 | RCoSE@ICSE |
Keywords | Field | DocType |
Continuous Software Engineering, Continuous Security, Continuous Compliance, IEC 62443, Scaled Agile Framework, Secure Software Engineering | Systems engineering,Industrial systems,Security engineering,Computer science,Scaled Agile Framework,Agile software development,Continuous software engineering,Business Process Model and Notation,New product development | Conference |
ISBN | Citations | PageRank |
978-1-4503-5745-6 | 1 | 0.34 |
References | Authors | |
9 | 5 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Fabiola Moyon | 1 | 2 | 1.07 |
| Kristian Beckers | 2 | 164 | 31.93 |
| Sebastian Klepper | 3 | 10 | 2.10 |
| Philipp Lachberger | 4 | 1 | 0.34 |
| Bernd Bruegge | 5 | 593 | 92.79 |