Program Manager's Guidebook for Software Assurance

December 2018 Special Report
Kenneth Nidiffer, Carol Woody, PhD, Timothy A. Chick

This guidebook helps program managers address the software assurance responsibilities critical in defending software-intensive systems, including mission threads and cybersecurity.

Publisher: Software Engineering Institute

CMU/SEI Report Number: CMU/SEI-2018-SR-025

Abstract

The Program Manager's Guidebook for Software Assurance supports project managers who must integrate software assurance engineering activities into the acquisition lifecycle. The goal of the guidebook is to help the program manager (PM) understand and address the software assurance responsibilities critical in defending software-intensive systems. It presents actions a PM must take to ensure that software assurance is effectively addressed. These actions require an understanding of program mission threads, threat awareness, and the roles and responsibilities of members of the program office team. The guidebook objectives are aligned with (1) Enclosure 14 of Department of Defense (DoD) Instruction 5000.02, which provides policies and principles for cybersecurity in defense acquisition systems; (2) the Defense Acquisition University’s Software Assurance Course (CLE 081); (3) the DoD Integrated Defense Acquisition, Technology, and Logistics Lifecycle; and (4) the Deputy Assistant Secretary of Defense (Systems Engineering) Software Assurance Concept of Operations.