Building Secure Software for Smart Aging Care Systems: An Agile Approach
There exists a persistent challenge in sufficiently addressing software security issues and effectively integrating security procedures into the software development life cycle. Software products vulnerable to security threats can result in severe consequences, especially in sensitive domains like t...
Saved in:
Published in | 2024 IEEE 24th International Conference on Software Quality, Reliability and Security (QRS) pp. 562 - 571 |
---|---|
Main Authors | , , |
Format | Conference Proceeding |
Language | English |
Published |
IEEE
01.07.2024
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | There exists a persistent challenge in sufficiently addressing software security issues and effectively integrating security procedures into the software development life cycle. Software products vulnerable to security threats can result in severe consequences, especially in sensitive domains like those providing age-related support for older adults. This work offers guidelines to address software vulnerabilities in one of such evolving and sensitive domains, namely, Smart Aging Care Systems (SACS). The existing guidelines for securing the software cannot effectively address the observed vulnerabilities in SACS because of the unique demographics of its users and special design requirements. Therefore, the primary objective of this paper is to enhance the comprehension of secure software development methods, considering best security practices or controls in general and tailoring their selection based on the unique requirements of SACS. The chosen controls are then reshaped to align with the specific needs of SACS, with implementation carried out using the agile framework, specifically Scrum. We believe that this work will aid software development organizations in significantly enhancing the security of their software products for SACS dynamically and effectively, leveraging the Scrum framework, and also inspire its implementation in other emerging domains. |
---|---|
ISSN: | 2693-9177 |
DOI: | 10.1109/QRS62785.2024.00062 |