Abstract
Agile software development is practiced in most software development projects around the world. To explicitly consider and include security requirements as part of agile software development is referred to as ‘secure agile’. To include security will naturally require additional time and effort, with potentially reduced agility as a consequence. To maintain agility, it is important to have efficient methods to include security in the development process. In this study, we describe enhancements to Threat Poker, which is a game designed for the software development team to deal with security threats identified during the agile development project. Games can be valuable educational tools for actively engaging students and practitioners alike. An experiment with students indicates that playing Threat Poker increases security awareness and that it is a fun and simple way to discuss identified security threats and how to remove security vulnerabilities during the software development process.
Cite
CITATION STYLE
Jøsang, A., Stray, V., & Rygge, H. (2020). Threat Poker: Gamification of Secure Agile. In IFIP Advances in Information and Communication Technology (Vol. 579 IFIP, pp. 142–155). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-59291-2_10
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
