Security Debt: Characteristics, Product Life-Cycle Integrations and Items (TechDebt 2021 - Technical Papers)

Who

Jabier Martinez, Nuria Quintano, Alejandra Ruiz, Izaskun Santamaria, Iker Martinez de Soria, José Arias

Track

TechDebt 2021 Technical Papers

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 19 May 2021 17:40 - 17:50 at TechDebt Room - TD Characteristics and Contexts Chair(s): Apostolos Ampatzoglou

Abstract

Industries from very diverse domains are realising that security should not be treated in a reactive way (e.g., once the cyberattack has happened). This way, security-related requirements and risks need to be continuously managed, and the need of integrating technical measures should be continuously assessed. In some cases, some decisions led, intentionally or unintentionally, to debt related to security aspects. This security debt is thus incurred when limited approaches or solutions are applied to reach the expected security levels of the system in operation. Identifying and making explicit security debt items is a challenge for companies. In this work, we analyse the literature on security debt to provide initial insights on the topic. Concretely, we discuss its definition, identify its most salient characteristics, present approaches for integrating its management in the product life-cycle, and to present categories and examples of security debt items.

Link to Preprint

https://zenodo.org/record/4629703

Jabier Martinez

Tecnalia

Spain

Nuria Quintano

Tecnalia

Spain

Alejandra Ruiz

Tecnalia

Spain

Izaskun Santamaria

Tecnalia

Spain

Iker Martinez de Soria

Tecnalia

Spain

José Arias

Tecnalia

Spain

Media

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Wed 19 May
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

17:00 - 17:50	TD Characteristics and ContextsTechnical Papers at TechDebt Room Chair(s): Apostolos Ampatzoglou University of Macedonia

17:00 20m Full-paper		Frequency and Impact of Technical Debt Characteristics in Companies Producing Mechatronic Products Technical Papers Fandi Bi Technical University of Munich, Birgit Vogel-Heuser Karlsruhe Institute of Technology, Litong Xu Pre-print Media Attached File Attached
17:20 20m Full-paper		Impact of Opportunistic Reuse Practices to Technical Debt Technical Papers Rafael Capilla Universidad Rey Juan Carlos, Tommi Mikkonen University of Helsinki, Carlos Carrillo Technical University of Madrid, Francesca Arcelli Fontana University of Milano - Bicocca, Ilaria Pigazzini University of Milano-Bicocca, Valentina Lenarduzzi LUT University Media Attached File Attached
17:40 10m Short-paper		Security Debt: Characteristics, Product Life-Cycle Integrations and Items Technical Papers Jabier Martinez Tecnalia, Nuria Quintano Tecnalia, Alejandra Ruiz Tecnalia, Izaskun Santamaria Tecnalia, Iker Martinez de Soria Tecnalia, José Arias Tecnalia Pre-print Media Attached

Information for Participants

Wed 19 May 2021 17:00 - 17:50 at TechDebt Room - TD Characteristics and Contexts Chair(s): Apostolos Ampatzoglou

Info for room TechDebt Room:

Go directly to this room on Clowdr