by Arlene Minkiewicz | October 6, 2017
Check out this presentation by Dr. Ken Nidiffer of the Software Engineering Institute (SEI) at Carnegie Mellon University, presented at the STC 2017 Conference at NIST. According to NDAA 2013, Section 933, “Software assurance provides the required level of confidence that software functions as intended (and no more) and is free of vulnerabilities, either intentionally or unintentionally designed or inserted in software throughout the lifecycle.”
It was clear from this and several other presentations at the conference that the way to achieve software assurance is to integrate it thoroughly into the system acquisition lifecycle. Nidiffer detailed some of the potential challenges to accomplishing this integration:
Software is an essential part of the DoD's military power as well as the building block of modern society. According to Nidiffer, the dynamics of software are constantly in a state of flux; some of the reasons for this are …
While recognizing the importance of software assurance, it is also important that decision makers understand how much is enough in the context of each particular software-intensive system. Questions that must be considered….
Nidiffer wrapped up with the following recommendations for the software community:
This talk contains a huge amount of information on the important points to consider when thinking about software assurance – you should check it out!