Secure Coding Governance and Guidance
December 2009 • White Paper
In this paper, the authors propose the use of secure coding standards in the development of software for surface combatants and submarines.
Software Engineering Institute
1.1 Implements DoD policy, assigns responsibilities, and prescribes procedures for inserting the use of secure coding standards into the development of application software installed onboard surface combatants and submarines.
1.2 Promulgates governance and guidance to integrate secure coding standards into the Acquisition and Systems Engineering processes for systems as an additional element in the overall defense-in-depth architecture.
1.3 Provides Program Managers (PM) and Information Assurance Managers (IAM) with a method to reduce the IA risk from a system compromise due to internal or external malicious attack of custom built software applications.