Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects
Journal article, Peer reviewed
MetadataShow full item record
The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for developers, and even more so in agile software development. Hence, threat modeling has not seen widespread use in agile software projects. The goal of this paper is to investigate the challenges facing adoption of threat modeling using the Microsoft approach with STRIDE. We performed a case study in a company comprising five agile development projects. We identified 21 challenges to threat modeling that emerged from our observations. We then mapped these challenges to challenges found in the literature. Some challenges overlap the findings from the literature; the extra challenges we have found in our exploratory study came mostly from the activities of asset identification and also from our observations on what happened after the threat modeling meetings. This study shows that we still have to address many challenges in order to get a proper adoption of threat modeling in agile development projects.
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.