search menu icon-carat-right cmu-wordmark

Strengthening Ties Between Process and Security

July 2013 White Paper
Carol Woody

In this paper, Carol Woody summarizes recent key accomplishments, including harmonizing security practices with CMMI and using assurance cases.

Publisher:

CERT

Abstract

A growing recognition of the importance of security throughout the life cycle has led to new initiatives strengthening ties for security within the SDLC. The role of process in support of security must also be expanded across the full life cycle. Progress has been made in linking security, the SDLC, and process improvement. This article summarizes recent key accomplishments, including an industry-led initiative to harmonize security practices with CMMI, the use of assurance cases, and NIST security considerations in the SDLC.