24th June, 2014
There are various threats in the Software Environment that can be addressed for building up secure software products. Some examples of these threats to software environment are: Buffer Over Flow, Citizen Programmers, Covert channel, Malicious Software (Malware), Malformed Input Attack, Memory / Object reuse, Executable Content / Mobile Code, Social Engineering, Time of Check / Time of Use (TOC/TOU), Data-Contamination, Garbage collection, Open Source, Between-the-Lines Attack, Trapdoor / Backdoor, etc.
With regards to the CMMI model, CMMI Institute has published a new technical note authored by Siemens AG Corporate Technology, entitled Security by Design with CMMI for Development, Version 1.3: An Application Guide for Improving Processes for Secure Products. This application guide is a set of additional process areas for CMMI® (Capability Maturity Model® Integration) for Development, Version 1.3 (CMMI-DEV, V1.3) The additional process areas–Organizational Preparedness for Secure Development, Security Management in Projects, Security Requirements and Technical Solution, and Security Verification and Validation—will seamlessly integrate into the Process Management, Project Management, and Engineering process area categories of CMMI-DEV.
Previous PostWhat is the significance of Software and Systems Quality for our Young Generation and Our Nation?
Next PostWhat are the threats to software databases while building up secure software products? What are the developments in this regard with respect to CMMI Model?
Rajendra Khare (MD)
DQS Certification India Private Limited
USA Phone: 703-574-4929, 703-574-4962
Rajendra's LinkedIn Profile
Rajendra is a qualified and certified Lead Appraiser and Instructor for the following :