Software Development Security - Methodologies


Methodologies -

a. Waterfall - a sequential development approach, in which development is seen as flowing steadily downwards (like a waterfall) through several phases, typically:
1. Requirements analysis resulting in a software requirements specification
2. Software design
3. Implementation
4. Testing
5. Integration, if there are multiple subsystems
6. Deployment (or Installation)
7. Maintenance

Examples - Cleanroom | Structured Programming | Spiral

b. Agile/prototyping/rapid application development - requirements and solutions evolve via collaboration between self-organizing cross-functional teams that use a process incorporating continuous feedback to successively refine and deliver a software system. Results-driven approaches that focus on early delivery and continual optimization of software/systems, as opposed to concentrating on contract renegotiations and documentation.

Examples - Kanban | Scrum

c. Spiral - takes key aspects of the waterfall model and rapid prototyping methodologies in an effort to combine advantages of top-down and bottom-up concepts. Provides emphasis on iterative risk analysis, particularly suited to large-scale complex systems. 4 stages of model:

1. determine objectives
2. identify & resolve risk(s)
3. develop & test
4. plan next iteration

d. DevOps/DevSecOps/integrated product team - A combination of participants from various functional areas (development, production/operations, security, quality assurance, management, etc.) involved in the overall development effort, intended to ensure all functional and nonfunctional requirements are met during software/system development.

What is the SDLC? - a multistep, iterative process, structured in a methodical way. Used to model or provide a framework for technical and non-technical activities to deliver a quality system which meets and/or exceeds expectations.
