Reducing software security risk through an integrated approach

Author

Gilliam, David P. ; Powell, John D. ; Kelly, John C. ; Bishop, Matt

Author_Institution

Jet Propulsion Lab., Caltech, Davis, CA, USA

fYear

2001

fDate

2001

Firstpage

36

Lastpage

42

Abstract

The paper presents joint work by the California Institute of Technology´s Jet Propulsion Laboratory and the University of California at Davis (UC Davis) sponsored by the National Aeronautics and Space Administration Goddard Independent Verification and Validation Facility to develop a security assessment instrument for the software development and maintenance life cycle. The paper presents research on the generation of a software security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles

Keywords

computer networks; formal verification; protocols; security of data; software maintenance; attacks; integrated approach; life cycle; mis-configurations; model checking; networked computer systems; operating systems; property-based testing; security assessment instrument; security toolset; software development; software maintenance; software security risk; unsecured links; verification; vulnerability matrix; Application software; Computer security; Instruments; National security; Programming; Propulsion; Software maintenance; Software systems; Testing; Virtual manufacturing;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering Workshop, 2001. Proceedings. 26th Annual NASA Goddard

Conference_Location

Greenbelt, MD

Print_ISBN

0-7695-1456-1

Type

conf

DOI

10.1109/SEW.2001.992653

Filename

992653