Building Assured Systems Framework (BASF) Overview
September 2011 • CERT Research Report
In this section of the research report, the authors explain the benefits of investing in building assured systems.
Software Engineering Institute
There is no single, recognized framework to organize research and practice areas focused on building assured systems (BAS). Sponsors of the CERT Program's research could use such a framework to help address the following challenges, including customer "pain points" and general research problems:
- How do I decide which security methods fit into a specific life-cycle activity?
- How do I know if a specific security method is sufficiently mature for me to use on my projects?
- When should I take a chance on a security research approach that has not been widely used?
- What actions can I take when I have no approach or method for prioritizing and selecting new research or when promising research appears to be unrelated to other research in the field?
Such a framework could also help organize CERT research