• A Study of Requirement Negotiation in Open Source Communities 

      Sulland, Magnus (Master thesis, 2010)
      A study of requirement handling in two Open Source communities, Qpid and Qt. Exploring how requirements are expressed and negotiated within a OSS COTS-component providing community.
    • Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects 

      Cruzes, Daniela Soares; Jaatun, Martin Gilje; Bernsmed, Karin; Tøndel, Inger Anne (Journal article; Peer reviewed, 2018)
      The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for ...
    • Collaboration Patterns among Commercial Firms in Community-Based OSS Projects 

      Snarby, Terje (Master thesis, 2013)
      Context: Open Source Software (OSS) development is a highly distributed and collaborative activity and was initially performed by developers volunteering their time and effort. During the recent years, OSS has transformed ...
    • Collaborative security risk estimation in agile software development 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Williams, Laurie (Journal article; Peer reviewed, 2019)
      Purpose Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software ...
    • Coopetition of software firms in open source software ecosystems 

      Nguyen Duc, Anh; Cruzes, Daniela Soares; Hanssen, Geir Kjetil; Snarby, Terje; Abrahamsson, Pekka Kalevi (Journal article; Peer reviewed, 2017)
      Software firms participate in an ecosystem as a part of their innovation strategy to extend value creation beyond the firm’s boundary. Participation in an open and independent environment also implies the competition among ...
    • Information Security Incident Management: A case study about preparedness and readiness 

      Akhtar, Sania (Master thesis, 2014)
      Organisasjoner idag øker sin konkurranseevne ved stadig å benytte seg av nyere teknologi, og avhengigheten rettet til informasjonsteknologi ser bare ut til å bre seg. I dagens samfunn lagres mesteparten av informasjonen ...
    • System requirements-OSS components: matching and mismatch resolution practices – an empirical study 

      Ayala, Claudia; Nguyen Duc, Anh; Franch, Xavier; Höst, Martin; Conradi, Reidar; Cruzes, Daniela Soares; Ali Babar, Muhammand (Journal article; Peer reviewed, 2018)
      Developing systems by integrating Open Source Software (OSS) is increasingly gaining importance in the software industry. Although the literature claims that this approach highly impacts Requirements Engineering (RE) ...
    • Understanding challenges to adoption of the Microsoft Elevation of Privilege game 

      Tøndel, Inger Anne; Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Chapter, 2018)
      The goal of secure software engineering is to create software that keeps performing as intended even when exposed to an active attacker. Threat modelling is considered to be a key activity, but can be challenging to perform ...
    • Understanding Challenges to Adoption of the Protection Poker Software Security Game 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Oyetoyan, Tosin Daniel (Chapter, 2019)
      Currently, security requirements are often neglected in agile projects. Despite many approaches to agile security requirements engineering in literature, there is little empirical research available on why there is limited ...