Can Software Engineers Be Both Agile and Secure?

Author:
Richard G. Epstein
File Size:
88.52 kB
Date:
01 July 2007
Downloads:
1292 x

This paper describes an undergraduate course in software engineering that introduces students to a variety of processes that are used to develop software. Students are asked to consider the security implications of the various processes. Special emphasis is given to PSP, CMM and agile processes (like eXtreme Programming and Scrum). An important issue in this course is whether agile processes can produce secure software and, if not, how they might be improved to make agile processes more secure. Students work on a major team project that involves developing a software process for a pretend company and a team presentation project that addresses the security issues specifically.

Can Software Engineers Be Both Agile and Secure?