A Process Standard for System Security Engineering: Development Experiences and Pilot Results
نویسنده
چکیده
The Systems Security Engineering Capability Maturity ModelsM (SSE-CMMsM) describes the essential characteristics of an organization's security engineering process. The standard was developed by a unique government-industry consortium of leading security providers and acquirers. This paper summarizes the model and presents lessons learned in the model Is development and from pilot appraisals.
منابع مشابه
Risk-Driven Security Metrics in Agile Software Development - An Industrial Pilot Study
The need for effective and efficient information security solutions is steadily increasing in the software industry. Software and system developers require practical and systematic approaches to obtain sufficient and credible evidence of the security level in the system under development in order to guide their efforts and ensure the efficient use of resources. We present experiences of develop...
متن کاملNational Food and Nutrition Security System (SAMAT), A Tool for Identifying and Monitoring Food Insecurity in the Country
Background and objectives: Iran was reported in the high-risk group of World Food Security Map in 2008 .Identifying food insecurity is first step for executing interventions. Measuring household food security is its cornerstone. SAMAT System was designed to provide a variety of GIS-based reports to policy makers and managers in the field of food security. Methods and Materials: SAMAT system wa...
متن کاملModeling and development of a decision support system for supplier selection in the process industry
This paper presents the development of a model based decision support system with a case study on solving the supplier selection problem in a chemical processing industry. For the evaluation and selection of supplier, the analytical hierarchy process (AHP) and grey relational analysis (GRA) were used. The intention of the study is to propose an appropriate platform for process industries in ...
متن کاملCurriculum for Modeling Security: Experiences and Lessons Learned
The need to develop secure software systems is well recognized by academics and industrialists alike. Current software systems contain sensitive information and therefore it is important that considerable efforts are made to secure such information. To improve the security of software systems, recent research has identified that security analysis should be integrated into software engineering t...
متن کاملMitigating Information Security Risks by Increasing User Security Awareness: A Case Study of an Information Security Awareness System
Organizations that lack security awareness can miss detecting many obvious security risks such as Trojans, phishing, viruses, and intellectual property theft in their daily activities. This lack of awareness can render sophisticated Internet security technologies useless and expose the organization to enormous risks. This paper adopts the systems development research methodology to investigate ...
متن کامل