Security Requirements Engineering in an Agile Software Development Context
Abstract
Today, software has become a critical competitive factor for many organizations. The ability to produce secure software of high quality, for less cost, in shorter timescales is a matter of survival. As the complexity in the use of software is growing, security vulnerabilities and flaws have become a critical and international issue. Acknowledging security as a reciprocal application quality, and following up with commitment to this by integrating security concerns in the agile software methodologies, is a step in the right direction. The use of predefined agile development methodologies, which have a focus on security, supported by tools and graphical artifacts, is recognized as a significant capability in the software life cycle, and as an important factor for the quality of the final software product. This project explores the domain of security requirement engineering and agile development methodologies, resulting in a design and implementation of a tool for managing requirements and selected graphical artifacts in such a context, the Precise RMT tool. The report presents in a brief manner theoretical concepts central to security requirements engineering, agile development methodologies and the technological aspects of requirement management tool. The report is intended for practitioners, managers, researchers and developers with interests for tool support in security requirement engineering in an agile development context.