Formality, Agility, Security, and Evolution in Software Development Cody Ronning 2/16/2015

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 2

Introduction KU MSIT student Software engineer at Garmin Father of 3 (4) 3

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 4

Challenges of software development Easy or hard? Easy when small, working alone When the project, code base, number of contributors increase -> HARD 5

Challenges of software development Complex systems Requirement changes Deadlines Task switching Changing priorities External dependencies 6

Preparing for complexity & change Experienced software engineer Software engineering approaches – Modularization – Abstraction – Object orientation Most important – Need Structure 7

Structure Formal methods Agile methodology FM & AM combined 8

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 9

Formal methods Mathematical approach to software development from the requirements specification onward Important when safety and security are important Can be used to derive a proof (great cost) 10

Aspects of formal methods Create models before coding Use modeling language with fixed grammar – Analogous to converting a word problem into algebraic notation Framework for rigorous testing 11

Teaching formal methods Learning to read formal specification easier than writing them Reading is necessary for entire team Writing formal requirements require highly trained people 12

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 13

Agile methodology True agile – Many teams claiming to do agile software development are only adopting Scrum for project management – True agile is formally defined TDD Refactoring Pair programming Simple design 14

Agile development Individuals and interactions over process and tools Rapid response to change Requirements and solution evolve together over time 15

Agile development Individuals and interactions over process and tools – The most important resource is the people Produce better work More committed to the project 16

Agile development Rapid response to change – Quick (next sprint) changes based on customer feedback 17

Agile development Requirements and solution evolve together over time – Documentation comes from story planning and development 18

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 19

Formal agility Contrasting model? Use modern tools for re-proof when system is changed – RODIN – Alloy Analyzer Agile developers can benefit from training in formal methods 20

Friends not foes Formal methods can’t be avoided – Programming languages have formal semantics – Coding standards are language subsets Tools within IDEs have analysis tools that run in the background Add value to agile as a sanity check and safety net 21

Formal agile development Individuals and interactions over process and tools – Once you have the right people tools and processes are still important – Most will benefit from tools and processes that embody wisdom gained by previous projects 22

Formal agile development Rapid response to change – Formal methods help form better basis for predicting consequences of major change – When models are adjusted the associated verification also needs to be redone 23

Formal agile development Requirements and solution evolve together over time – Ok for smaller shorter projects, especially internal ones – Multi-year, multi-team, large scale projects benefit from well defined models to avoid renegotiations 24

Formality adds value to agile Testing Requirements Refactoring Documentation 25

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 26

Security Agile development focuses on user stories – Provide “happy path” for testing Security preparation is generally not part of the backlog – Stories are to satisfy the customer – Prioritize primary business value first 27

Adding security to agile Evil stories – Describe functionality that an attacker would be able to exploit – Development becomes two dimensional Implement user stories Avoid implementing evil stories Protection poker – Security risks are quantified by the agile team 28

Adding security to agile Agile principles to propagate security knowledge – Pair programming – Certification – Mandating security review in each sprints retrospective 29

Adding security to agile Microsoft Secure Development Lifecycle (SDL) Agile categories – Every sprint Running automated security-analysis tools Updating threat model – Bucket requirements Response planning – One-time requirements Base-line threat model 30

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 31

Software evolution Real software systems continually evolve (or die) – New requirements – New functionalities 32

Software evolution Start with formal specification Iterate with new ideas 33

Formal software evolution Project made from formal definition evolve better – New/different people working on maintenance project – Questions of design or regressions 34

Outline Introduction Challenges of software development Formal methods Agile methods Formal agility Security Evolution Conclusions 35

Conclusions Agile and formal methods can be friends Project types dictate what part of any methodology is chosen 36

References Bowen, J., Hinchey, M., Janicke, H., Ward, M., & Zedan, H. (2014, Oct). Formality, Agility, Security, and Evolution in Software Development. Computer, IEEE, 47(10), Black, S.; Boca, P.P.; Bowen, J.P.; Gorman, J.; Hinchey, M., "Formal Versus Agile: Survival of the Fittest," Computer, vol.42, no.9, pp.37,45, Sept P.G. Larsen, J. Fitzgerald, and S. Wolff, “Are Formal Methods Ready for Agility? A Reality Check,” Proc. 2nd Int’l Workshop Formal Methods and Agile Methods (FM+AM 10), vol. P-179, 2010, pp. 13–25. 37

Formality, Agility, Security, and Evolution in Software Development Thank you for your time Questions and feedback are welcome 38