A Gamified Proposal for Software Risk Analysis in Agile Methodologies

Gasca‐Hurtado, Gloria Piedad; Álvarez, María Clara Gómez; Muñoz, Mirna; Peña, Adriana

doi:10.1007/978-3-030-28005-5_21

Cited by 4 publications

(7 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, based on the identified characteristics, an agile cybersecurity risk management framework is proposed (see Section 4.7). Nelson et al [48] Students, Industry Using Scrum Franqueira et al [49] Using Scrum Tomanek, Juricek [50] PRINCE2 Dorca et al [51] Industry COBIT using Kanban Maier et al [52] Industry Using Scrum Hammad, Inayat [53] Students Brainstorming Odzaly et al [54] Students Agile Risk Tool Ripolles et al [55] Industry Using agile practices Hurtado et al [56] Students Gamification Chaoucha et al [1] Using Scrum Newton et al [57] Industry Using agile practices Tavares et al [3] Industry Rm4Am de Souza Lopes et al [58] Students, Industry RIMPRO Hauck and Vieira [2] Using agile practices Kagombe et al [59] Industry Using Scrum…”

Section: Resultsmentioning

confidence: 99%

“…Hence, primary risk assessment, identification, and security requirement activities were injected into iterations or sprints. Different approaches were noted, e.g., gamification practices in an agile, proactive manner [56], and in general part of standard agile (planning and daily/weekly) ceremonies [2,50,51]. Awareness and attitude towards security requirements as a team effort were also found to be a success factor in 'shifting security left', i.e., to encourage security testing early on to provide more time to address identified issues [57].…”

Section: Software Development Life Cyclementioning

confidence: 99%

“…A few of the reviewed articles did elaborate on security assurance as part of agile software projects C 3 -such as security testing, tests for vulnerabilities and conflicts with audit needs. For example, in [56], gamification was used as an underlying framework for security assurance. During the product engineering phase, test and coverage was addressed explicitly as an activity to consider.…”

Section: Security Assurancementioning

confidence: 99%

“…The challenges associated with the lack of security awareness and experience were addressed in a few articles [49,55,56,58]. The typical approaches were either building up a knowledge base or involve external security experts in cyberseurity activities.…”

Section: Awareness and Collaborationmentioning

confidence: 99%

See 3 more Smart Citations

Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams

Salin

Lundgren

2022

JCP

View full text Add to dashboard Cite

In this study, a framework was developed, based on a literature review, to help managers incorporate cybersecurity risk management in agile development projects. The literature review used predefined codes that were developed by extending previously defined challenges in the literature—for developing secure software in agile projects—to include aspects of agile cybersecurity risk management. Five steps were identified based on the insights gained from how the reviewed literature has addressed each of the challenges: (1) risk collection; (2) risk refinement; (3) risk mitigation; (4) knowledge transfer; and (5) escalation. To assess the appropriateness of the identified steps, and to determine their inclusion or exclusion in the framework, a survey was submitted to 145 software developers using a four-point Likert scale to measure the attitudes towards each step. The resulting framework presented herein serves as a starting point to help managers and developers structure their agile projects in terms of cybersecurity risk management, supporting less overloaded agile processes, stakeholder insights on relevant risks, and increased security assurance.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Software Development Life Cyclementioning

confidence: 99%

Section: Security Assurancementioning

confidence: 99%

Section: Awareness and Collaborationmentioning

confidence: 99%

See 2 more Smart Citations

Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams

Salin

Lundgren

2022

JCP

View full text Add to dashboard Cite

show abstract

“…[64] proposed a model for enhancing the knowledge management process in software companies, and Ref. [65] introduced a gamified proposal for a software risk analysis in agile methodologies. The results obtained noticed the positive impact that gamification has on knowledge management and risk management processes.…”

Section: Introductionmentioning

confidence: 99%

Gamification in IT Service Management: A Systematic Mapping Study

2021

View full text Add to dashboard Cite

Despite the benefits of adopting IT Service Management (ITSM) reference models, such initiatives do not always produce the expected results. The research literature in this area concludes that motivation, engagement, skills, experience, performance and willingness to change of the personnel involved are among the critical factors for an effective ITSM implementation. Gamification has the capability to improve people’s motivation and engagement and to drive people’s behavior to meet the objectives set. Besides, gamification is widely used in learning systems for increasing students’ skills and competences. In the last years, many researchers have added gamification to their process improvement initiatives to increase the motivation and engagement of process participants and to address their behavior throughout the process. Thus, we consider that adopting gamification in ITSM processes can be an interesting area of study. In this paper, we conducted a systematic mapping study to analyze the actual state of research in the field of ITSM gamification and identify the key challenges that justify future research. The results of our study highlight the positive impact of adopting gamification in ITSM processes and that ITSM gamification is a novel an attractive research area with many action possibilities.

show abstract

Towards a Guide for Risk Management Integration in Agile Software Projects

Hauck

Vieira

2021

Communications in Computer and Information Science

View full text Add to dashboard Cite

A Gamified Proposal for Software Risk Analysis in Agile Methodologies

Cited by 4 publications

References 19 publications

Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams

Towards Agile Cybersecurity Risk Management for Autonomous Software Engineering Teams

Gamification in IT Service Management: A Systematic Mapping Study

Towards a Guide for Risk Management Integration in Agile Software Projects

Contact Info

Product

Resources

About