Security Debt: Characteristics, Product Life-Cycle Integration and Items

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Citation (Scopus)

Abstract

Industries from very diverse domains are realising that security should not be treated in a reactive way (e.g., once the cyberattack has happened). This way, security-related requirements and risks need to be continuously managed, and the need of integrating technical measures should be continuously assessed. In some cases, some decisions led, intentionally or unintentionally, to debt related to security aspects. This security debt is thus incurred when limited approaches or solutions are applied to reach the expected security levels of the system in operation. Identifying and making explicit security debt items is a challenge for companies. In this work, we analyse the literature on security debt to provide initial insights on the topic. Concretely, we discuss its definition, identify its most salient characteristics, present approaches for integrating its management in the product life-cycle, and to present categories and examples of security debt items.

Original languageEnglish
Title of host publicationProceedings - 2021 IEEE/ACM International Conference on Technical Debt, TechDebt 2021
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-5
Number of pages5
ISBN (Electronic)9781665414050
DOIs
Publication statusPublished - May 2021
Event4th IEEE/ACM International Conference on Technical Debt, TechDebt 2021 - Virtual, Online, Spain
Duration: 19 May 202121 May 2021

Publication series

NameProceedings - 2021 IEEE/ACM International Conference on Technical Debt, TechDebt 2021

Conference

Conference4th IEEE/ACM International Conference on Technical Debt, TechDebt 2021
Country/TerritorySpain
CityVirtual, Online
Period19/05/2121/05/21

Keywords

  • security
  • security debt
  • technical debt

Fingerprint

Dive into the research topics of 'Security Debt: Characteristics, Product Life-Cycle Integration and Items'. Together they form a unique fingerprint.

Cite this