Secure dynamic system development method (SDSDM): a survey about its suitability

Abstract

Building secure software is about taking security into account during all phases of software development. However, the major problem in agile methods is the lack of basic security elements in their phases and practices. One of such method is Dynamic System Development Method (DSDM).Based on this study, we have observed that the original/traditional DSDM does not help guide the agile to develop secure software. In order to address this issue, we introduced additional phases and sub-phases to the original/traditional DSDM to integrate security. The proposed model is named Secure Dynamic System Development Method (SDSDM), which has six phases. These phases and sub-phases are feasibility study, functional model iteration, secure functional model iteration, secure design, design and build iteration and implementation. Our findings highlight an improved agility in DSDM after integration of security. However, the study focuses on a questionnaire (survey) where the subject matter experts’ opinion has been used to validate our model. Based on the experts’ opinion, we can say that it is possible to develop secure software using SDSDM model without affecting its agility negatively.