• DocumentCode
    2065974
  • Title

    Software security checklist for the software life cycle

  • Author

    Gilliam, David P. ; Wolfe, Thomas L. ; Sherif, Josef S. ; Bishop, Matt

  • Author_Institution
    Jet Propulsion Lab., California Inst. of Technol., CA, USA
  • fYear
    2003
  • fDate
    9-11 June 2003
  • Firstpage
    243
  • Lastpage
    248
  • Abstract
    A formal approach to security in the software life cycle is essential to protect corporate resources. However, little thought has been given to this aspect of software development. Traditionally, software security has been treated as an afterthought leading to a cycle of 'penetrate and patch.' Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process. The current research at JPL addresses both of these areas through the development of a Software Security Assessment Instrument (SSAI). This paper focuses on the development of a Software Security Checklist (SSC) for the life cycle. It includes the critical areas of requirements gathering and specification, design and code issues, and maintenance and decommissioning of software and systems.
  • Keywords
    formal specification; security of data; software development management; software engineering; software code issues; software decommissioning; software design; software development; software life cycle; software maintenance; software security assessment instrument; software security checklist; software specification; systems code issues; systems decommissioning; systems design; systems maintenance; systems specification; Collaborative software; Instruments; Programming; Protection; Security; Software maintenance; Software safety; Software systems; Software testing; Software tools
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on
  • ISSN
    1080-1383
  • Print_ISBN
    0-7695-1963-6
  • Type

    conf

  • DOI
    10.1109/ENABL.2003.1231415
  • Filename
    1231415