Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Book

Cyber Security Engineering: A Practical Approach for Systems and Software Assurance

  • Abstract

    Cyber Security Engineering: A Practical Approach for Systems and Software Assurance brings together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security early and throughout the full lifecycles of both system development and acquisition. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody present the latest practical knowledge and case studies, demonstrating strategies and techniques that have been repeatedly proven to reduce operational problems and the need for software patching. Using these methods, any software practitioner or manager can make system and software engineering decisions that are far more likely to achieve appropriate operational results.
    Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, the authors introduce seven core principles of software assurance, and demonstrate how to apply them through all four key areas of cybersecurity engineering:

    • Security and Software Assurance Engineering
    • Security and Software Assurance Management
    • Security and Software Assurance Measurement and Analysis
    • Software Assurance Education and Competencies

    For each area, Mead and Woody present key standards, methods, services, tools, and best practices, illuminating these with relevant examples, references to research results, and additional resources. Each area's content is organized to demonstrate how all seven crucial software assurance principles can be addressed coherently and systematically. The authors complement their recommendations with deep insight into why they make sense, and practical guidance on determining whether each action is being performed successfully.
     

     

Cite This Book

BibTex

@book{MeadCyberSecurity2016,
title = {Cyber Security Engineering: A Practical Approach for Systems and Software Assurance},
author={Nancy Mead and Carol Woody},
year={2016},
publisher={Addison-Wesley Professional},
}