InfoQ Homepage News Security and Reliability Techniques Revealed for Agile Teams

Security and Reliability Techniques Revealed for Agile Teams


Agile methods typically do not explicitly address security and reliability, yet these are issues which are often critical to your success.  Cliff Berg, author of High Assurance Design, and myself wrote a feature article for the July issue of Dr. Dobb's Journal describing how assurance issues can be properly addressed on agile software development projects while still remaining agile.  The article describes the need for agile architecture, design, and documentation.  It then describes a collection of practices for agile assurance:

  • Create the minimal design that is necessary at the time.
  • Maintain only those parts of the design that need to be maintained to satisfy the mission of the application—Update Only When It Hurts.
  • Define success criteria—tests—that the design must meet from the beginning, in a manner analogous to test-driven development (TDD), and require the design to be "tested" with each build of the system.
  • When a requirement cannot be effectively verified using execution tests, use the design (not the code) as the focus of evidence of correctness and completeness.
  • Ensure that requirements that are collected include assurance objectives.
  • Use TDD and other techniques to continually verify compliance of the implementation with ongoing design (along the lines of AMDD) as well as with requirements.
  • Augment TDD with randomized testing to empirically assess actual assurance.

Rate this Article


Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p


Is your profile up-to-date? Please take a moment to review and update.

Note: If updating/changing your email, a validation request will be sent

Company name:
Company role:
Company size:
You will be sent an email to validate the new email address. This pop-up will close itself in a few moments.