Title :
Reducing software security risk through an integrated approach
Author :
Gilliam, David P. ; Powell, John D. ; Kelly, John C. ; Bishop, Matt
Author_Institution :
Jet Propulsion Lab., Caltech, Davis, CA, USA
Abstract :
The paper presents joint work by the California Institute of Technology's Jet Propulsion Laboratory and the University of California at Davis (UC Davis) sponsored by the National Aeronautics and Space Administration Goddard Independent Verification and Validation Facility to develop a security assessment instrument for the software development and maintenance life cycle. The paper presents research on the generation of a software security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.
Keywords :
computer networks; formal verification; protocols; security of data; software maintenance; attacks; integrated approach; life cycle; mis-configurations; model checking; networked computer systems; operating systems; property-based testing; security assessment instrument; security toolset; software development; software maintenance; software security risk; unsecured links; verification; vulnerability matrix; Application software; Computer security; Instruments; National security; Programming; Propulsion; Software maintenance; Software systems; Testing; Virtual manufacturing;
Conference_Title :
Software Engineering Workshop, 2001. Proceedings. 26th Annual NASA Goddard
Conference_Location :
Greenbelt, MD
Print_ISBN :
0-7695-1456-1
DOI :
10.1109/SEW.2001.992653