Advanced method of scaling the flexible methodology of software development
Abstract
The subject of the article is an improved method of scaling a flexible software development methodology. The goal is to reduce the potential losses caused by security risks in software development and operation at most stages of the software life cycle. Objectives: to analyze existing methodologies and approaches to software development; to explore the possibilities for scaling methodologies within individual projects; to improve the overall design of the software development cycle; to develop a software development management framework for both the individual project and the development organization as a whole; and to develop practical recommendations for improving software security at various stages of the life cycle. Methods used: system analysis of risks and cause-and-effect analysis. The following results were obtained. Existing flexible software development methodologies were analyzed, promising directions and approaches in this field were determined, and opportunities for scaling flexible methodologies were identified. The scheme of the software development life cycle was improved; its distinctive feature is the introduction of additional subsections and roles aimed at increasing software security. The structure of software development management was improved; it differs from known ones in that it takes into account security risks in the development process. Practical recommendations for using the improved method of scaling a flexible methodology were developed. Conclusions. The proposed improved method of scaling the existing software development methodology differs from known ones by including additional security specialists in the development team. This may entail some slowdown in code execution and an increase in the number of defects (bugs) detected during alpha testing and, therefore, an increase in the lifetime of bugs.
However, in the future, these local drawbacks can lead to a better end result (improved safety of the developed software) and provide both rapid growth of functionality and an acceptable level of service quality. This, in turn, will be an attractive motive for further cooperation between the customer and the developer.