| Summary: | The diffusion of software into all areas of life and all forms of business, increases the demand for high-quality and secure software products. Software development methodologies are designed to improve the quality of software by incorporating practices that promote quality in the developed software. Software security is an important facet of software quality, particularly in this era, where most software is deployed for use over the Internet. Most research on developing high-quality and secure software is normally focused on teams at the expense of individual developers. In trying to fill this gap, in this paper we propose an agile secure-software development methodology. We design a methodology that promotes quality and security in the software products of solo developers. We integrate quality practices with lightweight security practices to produce agile secure software development practices. We draw quality practices from a solo software development framework designed in our previous study, while security practices are drawn from existing lightweight methodologies. We adapt Keramati and Mirian-Hosseinabadi's algorithm to integrate the two sets of practices, taking care to maintain an optimum degree of agility in the target methodology. We evaluate the utility of the resultant methodology through a case study. Results from the case study show that our proposed methodology can be used to build quality and secure software products without compromising the agility of the methodology.
|
|---|