RT Journal Article
T1 Managing security debt across PLC phases in a VSE context
A1 Larrucea, Xabier
A1 Santamaria, Izaskun
A1 Fernandez-Gauna, Borja
AB Nowadays, security and safety aspects are two of the major concerns for any software system development, especially while developing safety critical systems. This is especially relevant for very small entities because they have a limited amount of resources for dealing with all these aspects at the same time. In addition, these systems are highly regulated domains, and they involve a huge set of standards focused on safety and security-related issues. Therefore, these small entities are not only facing hurdles related to technical aspects but also from the so-called technical debt when overarching a critical development. This paper extends the assurance cases approach by integrating security aspects within the life cycle, and it proposes a framework for managing the associated security technical debt for very small entities. A tool chain is outlined, and the approach is illustrated with an industrial use case.
SN 1532-060X
YR 2020
FD 2020-03-01
LK https://hdl.handle.net/11556/3561
UL https://hdl.handle.net/11556/3561
LA eng
NO Larrucea , X , Santamaria , I & Fernandez-Gauna , B 2020 , ' Managing security debt across PLC phases in a VSE context ' , Journal of software: Evolution and Process , vol. 32 , no. 3 , e2214 . https://doi.org/10.1002/smr.2214
NO Publisher Copyright: © 2019 John Wiley & Sons, Ltd.
DS TECNALIA Publications
RD 30 jul 2024