Abstract
A 2017 systematic review on engineering non-functional requirements in agile projects revealed a number of published proposals for approaching security requirements in agile settings. While these proposals acknowledge the urgent need for methods to systematically engineer security requirements in agile projects, they were designed mostly in academic settings. Very little empirical evaluation of these proposals happened in real-life contexts. In turn, little is known about how agile developers understand security requirements and how they devise their coping strategies regarding these requirements. This position paper presents a qualitative analysis that sought to discover how agile practitioners reason about security requirements, what contextual factors they consider important for shaping the pro-cess of coping with security requirements in agile projects, and what these strategies are. We conclude with some implications for practice and research.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
