Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation
Upcoming SlideShare
Loading in...5
×
 

Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation

on

  • 963 views

Developing secure software is a complex and asymmetrical endeavor since it requires high level of technical expertise in order to mitigate known risks and vulnerabilities of today and to withstand ...

Developing secure software is a complex and asymmetrical endeavor since it requires high level of technical expertise in order to mitigate known risks and vulnerabilities of today and to withstand attacks from the unknown threats of tomorrow. The traditional way of securing software is based on thorough threat analysis, extensive capture of the security requirements and detailed planning of the mitigations. This highly formulated approach is contradictory in many aspects to the principles of Lean and Agile software development.
In this talk we are presenting a context sensitive framework of secure software deployment that is based on the principles of Lean development like eliminating waste, amplified learning, late decisions and fast deliveries without making any compromises regarding security. Our approach is focusing on providing product owners with detailed information about the impact of threats to products and the cost of mitigations, allowing them to assess and prioritize security items using the same criteria as any other item in their product backlog.

Thoralf J. Klatt, Mario Lischka, Panayotis Kikiras

Statistics

Views

Total Views
963
Views on SlideShare
542
Embed Views
421

Actions

Likes
0
Downloads
2
Comments
0

4 Embeds 421

http://www.checkmarx.com 400
http://feeds.feedburner.com 13
http://www.linkedin.com 5
https://www.linkedin.com 3

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation Presentation Transcript

  • Applying Lean Principles toOvercome Challenges of SoftwareSecurity in Agile Mode of Operation Thoralf J. Klatt Mario Lischka Panayotis Kikiras Software-Qualität und Smart Cities - Herausforderungen und Chancen Berlin 15-16 October 2012 1
  • Agenda• Lean Principles and Agile Development• Usable Security• Secure software development in Agile environment• Prioritizing Security• Conclusions Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 2
  • Lean Thinking in Agile Development• Eliminate Waste does it add end user value?• Amplify Learning validated learning• Decide as Late as Possible real options• Deliver as Fast as Possible fast learning• Empower the Team mastery, autonomy, purpose• Build Integrity In perceived and conceptual integrity• See the Whole simplify structure, optimize behaviour Nordic Reading: http://www.fokkusu.fi/agile-security/ Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 3
  • Definition of SecureSecure product is one that protects the confidentiality, integrity, and availability of the customers’ information, and the integrity and availability of processing resources under control of the system’s owner or administrator. -- Source: Writing Secure Code (Michael Howard, David LeBlanc) Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 4
  • Security is mainly a software problem• Depending on the source, an estimated 70% to 92% of security breaches result from vulnerabilities in software.• Network Security Layer is adequately addressed (firewalls, IDS, IPS, Antivirus).• A new star is rising though … The end user Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 5
  • Incentives to Improve Source: Fundamentals of Secure Architecture – online available at https://knowledge.elementk.com Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 6
  • Where is Scrum now?• Early and continuous delivery of valuable software• Welcome changing requirements, even late in development• Build projects around motivated individuals and trust them to get the job done.• Working software as the primary measure of progress• Continuous attention to technical excellence and good design• Simplicity—maximizing the amount of work not done• The best architectures, requirements, and designs emerge from self-organizing teams• At regular intervals, the team reflects on, tunes, and adjusts its behavior Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 7
  • Where are you now?• You trust that your teams are doing their best for security. • Do they?• No specific care being taken in designing for security unless the customer requires that • Does it happen now?• How a PO prioritizes security if not required by the customer? Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 8
  • Usable Security to Eliminate Waste• Customers in general never ask for security directly • The product is expected to be secure • As a service to protect the business case• Sometimes customers and security specialists are overexaggerating• Teams should provide built-in solutions based on thorough Risk Analysis and Threat Assessment • UX: simplify structure, enrich functionality Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 9
  • Securing Scrum Security User Stories Data Threats &Flow & Risks Retrospective ThreatAnalysis Sprint Imple Prod tation men uct Continuous Security Tests Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 10
  • Prioritizing Security: Risk – Adjusted Backlog • Project Risks – security threats are like anti-value • If a risk occurs, takes time and resources away from activities that deliver value. • Therefore not only plan to deliver high value early but plan to execute risk avoidance and mitigation activities early too! • Risk management great fit in Agile development • Through iterations we can tackle high-risk areas sooner than later • Deal with threats when still exists time and budget to work with them • Reduces the amount of effort invested in work that may end up scraped. Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 11
  • A security risk can be prioritized like any other featurePrioritized Feature list with ROI Values Prioritized Risk list –Ordered by Severity Risk i Risk 1 Must 5000€ (Risk Impact (in€,points)XRisk (9000€X50%=4500€) Propability (in %)) Risk 2 Must 4000€ (8000€X50%=4000€) Risk 3 Should 3000€ (3000€X25%=1500€) Risk 4 Should 2000€ (2500€X25%=625€) Risk 5 Could 1000€ (500€X20%=100€) Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 12
  • Risk-adjusted Backlog Prioritized risk list Prioritized requirements Risk Adjusted list Backlog Risk 1 Requirement 1 Requirement 1 (9000€X50%=4500€) 5000 5000 Risk 2 Requirement 2 Risk 1 (8000€X50%=4000€) 4000 (9000€X50%=4500 €) Risk 3 Requirement 3 Requirement 2 (3000€X25%=1500€) 3000 4000 Risk 4 Requirement 4 Risk 2 (2500€X25%=625€) 2000 (8000€X50%=4000 €) Risk 5 Requirement 5 Requirement 3 (500€X20%=100€) 1000 3000 Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 13
  • Analyze the Dataflow• Realization of User Stories whose acceptance criteria requires detailed look on potential threats• Dataflow and STRIDE Analysis support identification of threats Spoofing of Identity T M Tampering Repudiation Information Disclosure Denial of Service Elevation of privilege S M E M STRIDE R M Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 14
  • Conclusions• Also part of the Security Scrum process • Continuous Integration Testing • Explicit regression for acceptance criteria • Code Analysis (SAN 25) • Fuzzy Testing • Secure Coding Guidelines• Adding Security to Scrum process is necessary and possible • Backlog Prioritization based on identified Risks • Modeling threats in user stories (business and technical) • Integrated security testing• Incorporating experiences from Scrum teams at AGT R&D (incl. explicit vs. implicit stories) Software-Qualität und Smart Cities - Herausforderungen und Chancen (16. Oct 2012) 15
  • Contacts:Thoralf J. Klatt tjklatt@agtinternational.comDr. Mario Lischka mlischka@agtinternational.comDr. Panayotis Kikiras pkikiras@agtinternational.com 16