Last edited by Arashigami
Tuesday, May 19, 2020 | History

5 edition of A framework for the development and assurance of high integrity software found in the catalog.

A framework for the development and assurance of high integrity software

Dolores R. Wallace

A framework for the development and assurance of high integrity software

by Dolores R. Wallace

  • 352 Want to read
  • 24 Currently reading

Published by U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, For sale by the Supt. of Docs., U.S. G.P.O. in Gaithersburg, MD, Washington .
Written in English

    Subjects:
  • Computer software -- Reliability

  • Edition Notes

    StatementDolores R. Wallace, Laura M. Ippolito
    SeriesNIST special publication -- 500-223. -- Computer systems technology, NIST special publication -- 500-223, NIST special publication
    ContributionsIppolito, Laura M, National Institute of Standards and Technology (U.S.)
    The Physical Object
    FormatMicroform
    Paginationxiv, 67 p.
    Number of Pages67
    ID Numbers
    Open LibraryOL13618087M
    OCLC/WorldCa32555352

      This white paper recommends a core set of high-level secure software development practices, called a secure software development framework (SSDF), to be added to each SDLC implementation. The paper facilitates communications about secure software development practices amongst business owners, software developers, and cybersecurity professionals Author: Donna Dodson, Murugiah Souppaya, Karen Scarfone. Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency.

    Development and operations should be tightly integrated to enable fast and continuous delivery of value to end users. Find out how. Explore the Microsoft Secure DevOps practices. The Microsoft SDL introduces security and privacy considerations throughout all phases of the development process, helping developers build highly secure software. organization.” An assurance framework is a structured means of identifying and mapping the main sources of assurance in an organisation, and co-ordinating them to best effect. Assurance mapping is a mechanism for linking assurances from various sources to the risks that threaten the achievement of an organisation’s outcomes and Size: 2MB.

    Internal Control—Integrated Framework This Executive Summary, provides a high-level overview intended for the board of directors, chief executive officer, and other senior management. The Framework and Appendices publication sets out the Framework, defining internal control, describingFile Size: KB. The purpose of NIST Special Publication and A is to provide guidelines for selecting and specifying security controls and assessment procedures to verify compliance. A full listing of Assessment Procedures can be found here. I-Assure has created Artifact templates based on the NIST Control Subject Areas to provide.


Share this book
You might also like
Rules for railway location

Rules for railway location

Dan Marino, Joe Montana

Dan Marino, Joe Montana

The other brother

The other brother

Stackwood volume estimations for miombo woodlands in Malawi

Stackwood volume estimations for miombo woodlands in Malawi

Money-orders for small sums.

Money-orders for small sums.

Simon Bloom, the Order of Chaos

Simon Bloom, the Order of Chaos

Small molecular immunomodifiers of microbial origin

Small molecular immunomodifiers of microbial origin

The state of innocence, and fall of man

The state of innocence, and fall of man

An introduction to the French poets

An introduction to the French poets

Perceptions and reactions of prison inmates to two therapeutic communities.

Perceptions and reactions of prison inmates to two therapeutic communities.

A framework for the development and assurance of high integrity software by Dolores R. Wallace Download PDF EPUB FB2

A Framework for the Development and Assurance of High Integrity Software. Published. December 1, Author(s) D Wallace, L M. Ippolito. Citation. Special Publication (NIST SP) - Report Number.

NIST Pub Series. Special Publication (NIST SP) Pub by: 9. Framework For The Development And Assurance Of High Integrity Software by Dolores R. Wallace (Author), Laura M. Ippolito (Author)Author: Dolores R. Wallace. Get this from a library.

A framework for the development and assurance of high integrity software. [Dolores R Wallace; Laura M Ippolito].

This banner text can have markup. web; books; video; audio; software; images; Toggle navigation. A framework for the development and assurance of high integrity software Author: Dolores R Wallace ; Laura M Ippolito ; National Institute of Standards and Technology (U.S.).

The NIST High Integrity Software System Assurance (HISSA) program is the NIST internal program that includes development of technical products in software engineering, work performed on contracts with other agencies, organization of the NIST High Integrity System Lecture series, organization of the annual COMPASS conference, and other tasks in Cited by: 1.

system development where high integrity is demanded. The more rigorous modeling approaches support simulation and code generation, but have limited support for automated test generation.

To address this need, the Test Automation Framework (TAF) approach for model-based analysis and test automation was developed.

Model-Based Design for High Integrity Software Development Agenda Development and V&V of the Model Building a Model from Requirements – Introduction to Simulink Traceability of a Model to Requirements – Using the Requirements Management Interface – The Requirements Report Conformance to Modeling Standards – Using the Model Advisor.

• IT quality assurance personnel, who test and ensure the integrity of the IT systems and data • Information system auditors, who audit IT systems • IT consultants, who support clients in risk management.

RELATED REFERENCES This guide is based on the general concepts presented in National Institute of Standards and.

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc. Tucson, AZ USA. 1 ® ® Model-Based Design for High Integrity Software Development Agenda Development and V&V of the Model Building a Model from Requirements Introduction to Simulink.

such architecture, we propose IntegrityMR, an integrity assurance framework for big data analytics and management applications.

We explore the result integrity check techniques at two alternative software layers: the MapReduce task layer and. ls ownership at a high­enough level to enact change; and are tasks aligned to realize benefits. Implementation methodology Data Quality: has the data been successfully migrated such that it is accurate, robust and in a usable formal.

lnterfaces: has management implemented appropriate processes to flow data from one system to the nextFile Size: KB. Integrity in software development Integrity in software development Neumann, Peter G.

Inside Peter G. Neumann Integrity in Software Development I n the September Inside Risks, David Parnas made a compelling case for defining the core body of software knowledge, evaluating the curricula, and licensing software practitioners the same. a software product during its sourcing, development and distribution.

The software integrity controls discussed in the papers a reused by majorsoftware vendorsto add ss the isk thatins e cu rp ocess s, ora motivated attack r, ould undermine the security of a software product as it moves through the links in the global supply chain. The controlsFile Size: 1MB. A Matter of Integrity: Tools That Deliver Software Assurance Go Mainstream By: Paula Bernier (News - Alert) The failure of the levees in New Orleans and the collapse of the IW bridge in Minneapolis gave many of us a greater appreciation for the importance of ensuring vital infrastructure is sound.

The standards and principles in this document, commonly referred to as Quality Standards for Investigations (QSI), provide a framework for conducting high-quality investigations for Offices of Inspector General (OIGs) affiliated with the Council of the Inspectors General on Integrity and Efficiency (CIGIE).File Size: KB.

Development of Security Software: A High Assurance Methodology The order in which we specify different aspects of the system matters. We usually start in the middle. That is, think first about the primary activity of the system when everything is working correctly.

Define important data structures, introducing given. In high-integrity systems a rising portion of software assets and development activities address quality and conformance issues in several non-functional dimensions. Software Assurance: An Overview of Current Industry Best Practices.

The report outlines the secure development methods and integrity controls currently used by SAFECode members to deliver high-assurance systems to government and commercial customers. The Integrity Framework is a systemic and comprehensive approach based on decades of research and data analysis.

It brings together instruments, processes, and structures for fostering integrity and preventing corruption in public organisations.

The Integrity Framework File Size: KB. Problems with Software Process Assurance Prescribed processes do not necessarily lead to achievement of a specific level of integrity Poor correlation between prescribed techniques and failure rate Implicit belief in ‘risk reduction’ Note –more generally we have the problem of software .The revision of Government Auditing Standards is effective for financial audits, attestation engagements, and reviews of financial document can be accessed on GAO’s Yellow Book web page at framework for performing high-quality audit work with competence, integrity, objectivity, and independence to provide accountability and to.

Software developed for high-integrity systems was often required to be written in Ada. In some industries, this requirement has recently been lifted and C is either being used or strongly considered for some next- generation safety-critical development overall objective of this paper isCited by: 1.