A Systematic Mapping Study on Security in Agile Requirements Engineering

by   H. Villamizar, et al.

[Background] The rapidly changing business environments in which many companies operate is challenging traditional Requirements Engineering (RE) approaches. This gave rise to agile approaches for RE. Security, at the same time, is an essential non-functional requirement that still tends to be difficult to address in agile development contexts. Given the fuzzy notion of "agile" in context of RE and the difficulties of appropriately handling security requirements, the overall understanding of how to handle security requirements in agile RE is still vague. [Objective] Our goal is to characterize the publication landscape of approaches that handle security requirements in agile software projects. [Method] We conducted a systematic mapping to outline relevant work and contemporary gaps for future research. [Results] In total, we identified 21 studies that met our inclusion criteria, dated from 2005 to 2017. We found that the approaches typically involve modifying agile methods, introducing new artifacts (e.g., extending the concept of user story to abuser story), or introducing guidelines to handle security issues. We also identified limitations of using these approaches related to environment, people, effort and resources. [Conclusion] Our analysis suggests that more effort needs to be invested into empirically evaluating the existing approaches and that there is an avenue for future research in the direction of mitigating the identified limitations.



There are no comments yet.


page 1

page 2

page 3

page 4


Revealing the State-of-the-Art in Large-Scale Agile Development: A Systematic Mapping Study

Context: The large-scale adoption of agile methods has received signific...

Leveraging creativity in requirements elicitation within agile software development: a systematic literature review

Agile approaches tend to focus solely on scoping and simplicity rather t...

Non-functional Requirements Documentation in Agile Software Development: Challenges and Solution Proposal

Non-functional requirements (NFRs) are determinant for the success of so...

Focus Areas, Themes, and Objectives of Non-Functional Requirements in DevOps: A Systematic Mapping Study

Software non-functional requirements address a multitude of objectives, ...

Using DevOps Toolchains in Agile Model-Driven Engineering

For Model-Driven Engineering (MDE) to become Agile, it is has to be usab...

Direct and mediating influences of user-developer perception gaps in requirements understanding on user participation

User participation is considered an effective way to conduct requirement...

An Approach for Reviewing Security-Related Aspects in Agile Requirements Specifications of Web Applications

Defects in requirements specifications can have severe consequences duri...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.