Question

Identify a non-traditional software development model that could be used by your company.

Provide a summary of the major steps in the development model, and describe the potential security threats for each step.

Using the security development model as the foundation for analysis, develop and document appropriate policies and processes for each security risk that will minimize the threat.

Association with the security development model should be demonstrated in the policies and processes.

Answer 1

It is the agile software development model which can be used as it is an iterative method and also a team based approach . For this kind of development moel the steps being used are as follows:

1) Requirement gathering and documentation

2) System Design

3) Code as well as unit testing

4) System Testing

5) User aceptance testing

6) Bug fixes (if applicable)

7) Delivery of the products.

As the above approach is iterative in nature hence this can be segreggated to the following:

1) Project initiations

2) Sprint planning

3) Demos

All of these methods / steps would need a customer involvement without which this model will not work. Also for agile development there is no formal documentation that is being maintained like the traditional methods.

Also the software method that is to be used is uncertain which makes it a bit more complicated.

Some of the policies which might help are as follows:

1) Interaction of individuals with respect to the processes and tools

2) Viable solution to be provided to the user with respect to endless papers

3) Clients input as well as user research

4) Responding to the changes that has been planned for..

5) Testing the solution to be provided

6) Checking the progress thoroughly

7) Documentiong the changes made to the system for benefit of the team.

8) Proper team structuring to welcome any changes.

All of the above can be helpful for helping reduce the amount of threat to the system or use of agile development tool.