Advanced Search

Content Type

Topics

Publication Date

COTS in the Real World: A Case Study in Risk Discovery and Repair

  • Author(s): ,
  • Publish Date:
  • Publisher: Software Engineering Institute
  • SEI Identifier: CMU/SEI-99-TN-003
  • Type: Technical Note
  • Topics: System of Systems
  • Description: This report describes the investigations that were performed to determine how well selected commercial components met the mission needs of a DoD project.

Abstract

Like many organizations in both the public and private sectors, the U.S. Department of Defense (DoD) is committed to a policy of using commercial off-the-shelf (COTS) components in new systems, particularly information systems. However, the DoD also has a long-standing set of security needs for its systems, and the pressure to adopt COTS components can come into conflict with those security constraints. The major elements of this conflict are the DoD's overall approach to system security on one hand and the economic forces that drive the component industry on the other. As DoD managers and system integrators look to the COTS marketplace for components to satisfy more security requirements, this conflict becomes more prominent. In this report, we describe an actual product evaluation where just such a conflict occurred, examine why that conflict exists, and outline the corrective steps that were taken.

Cite This Report

Show Citation Formats

SEI

Hissam, Scott; & Plakosh, Daniel. COTS in the Real World: A Case Study in Risk Discovery and Repair (CMU/SEI-99-TN-003). Software Engineering Institute, Carnegie Mellon University, 1999. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=13255

IEEE

Hissam. Scott, and Plakosh. Daniel, "COTS in the Real World: A Case Study in Risk Discovery and Repair," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-99-TN-003, 1999. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=13255

APA

Hissam, Scott., & Plakosh, Daniel. (1999). COTS in the Real World: A Case Study in Risk Discovery and Repair (CMU/SEI-99-TN-003). Retrieved July 28, 2014, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=13255

CHI

Scott Hissam, & Daniel Plakosh. COTS in the Real World: A Case Study in Risk Discovery and Repair (CMU/SEI-99-TN-003). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 1999. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=13255

MLA

Hissam, Scott., & Plakosh, Daniel. 1999. COTS in the Real World: A Case Study in Risk Discovery and Repair (Technical Report CMU/SEI-99-TN-003). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=13255