Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

  • September 2007
  • By Carol Woody
  • In this document, Carol Woody summarizes the content shared at the 2007 SEPG conference and steps underway toward ties between security and process improvement.
  • Cyber Risk and Resilience Management
  • Publisher: Software Engineering Institute
  • Abstract

    Security is a very visible issue these days for software. New software products are continuously reported to be vulnerable to attack and compromise; organizations must support an expensive unending update-and-upgrade cycle. Process improvement has been proposed as a mechanism for addressing security challenges, but the Capability Maturity Model Integration (CMMI) approach does not specifically address security, so the linkages for the Software Engineering Process Group (SEPG) community are unclear. The security track at the SEPG 2007 conference was developed to provide a forum for identifying the appropriate ties between process improvement and security. This document summarizes the content shared at the conference and identifies several subsequent steps underway toward strengthening those ties.

  • Download

Cite This Report

SEI

Woody, Carol. Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Software Engineering Institute, Carnegie Mellon University, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8261

IEEE

Woody. Carol, "Process Improvement Should Link to Security: SEPG 2007 Security Track Recap," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2007-TN-025, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8261

APA

Woody, Carol. (2007). Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Retrieved December 20, 2014, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8261

CHI

Carol Woody. Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8261

MLA

Woody, Carol. 2007. Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (Technical Report CMU/SEI-2007-TN-025). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8261