International Society of Science and Applied Technologies

Secured Release through an Agile Security Growth Framework
Author | Saikath Bhattacharya
Co-Author(s) | Laurie Williams; Munindar P. Singh
Abstract | Software development teams need to produce and assess secure software products so that they can perform critical functionality. Because no software product can ever be “perfectly secure,” development teams need to decide when a software product is “secure enough” to be released, that is, to make a decision on the product’s release readiness. The goal of this paper is to aid software practitioners in predicting whether a software product is “secure enough” to be released through the evolution and evaluation of software security growth models (SSGMs). In this paper, we adapt and evolve software reliability growth models (SRGMs) for the purpose of SSGM using empirical software vulnerability analysis. We quantitatively compare the quality of agile software versions by comparing the security correction and detection process over testing time and software testing cost. The framework is generic to incorporate software vulnerability data into different time frames and multiple agile software versions. We evaluated our SSGM using data from Google Chromium, which uses an agile process with releases every 50 days.
Keywords | Software Security, Software Reliability Growth Model, Software Release Readiness, Agile Process, Software Security Growth Model
Article #: RQD2024-6
Proceedings of 29th ISSAT International Conference on Reliability & Quality in Design