dc.description.abstract |
Software security for agile methods, particularly for those designed for individual developers,
is still a major concern. With most software products deployed over the Internet, security as a
key component of software quality has become a major problem. In addressing this problem,
this research proposes a solo software development methodology (SSDM) that uses as
few resources as possible while conforming to best practice for delivering
secure and high-quality software products.
Agile methods have excelled at delivering timely and quality software. At the same time,
research also shows that most agile methods do not address the problem of security in the
developed software. A metasynthesis of SSDMs conducted in this thesis confirmed the lack
of practices that promote security in the developed software product. On the other hand, some
researchers have demonstrated the feasibility of incorporating existing lightweight security
practices into agile methods.
This research uses Design Science Research (DSR) to build, demonstrate and evaluate a
lightweight SSDM. Using an algorithm adapted for the purpose, the research systematically
integrates lightweight security and quality practices to produce an agile secure-solo software
development methodology (Secure-SSDM). A multiple-case study in an academic and industry
setting is conducted to demonstrate and evaluate the utility of the methodology. This
demonstration and its evaluation indicate the applicability of the methodology in
building high-quality and secure software products. Theoretical evaluation of the agility of the
Secure-SSDM using the four-dimensional analytical tool (4-DAT) shows satisfactory
compliance of the methodology with agile principles.
The main contributions in this thesis are: the Secure-SSDM, which entails description of the
concepts, modelling languages, stages, tasks, tools and techniques; generation of a quality
theory on practices that promote quality in a solo software development environment; and
adaptation of Keramati and Mirian-Hosseinabadi’s algorithm for the purposes of integrating
quality and security practices. This research would be of value to researchers as it introduces
the security component of software quality into a solo software development environment,
prompting more research in the area. For software developers, the research has provided a
lightweight methodology that builds quality and security into the product using minimal
resources. |
en |