Software Engineering Institute

As the use of the Internet and networked systems become more pervasive, the importance of developing secure software increases. The purpose of this technical note is to present overview information about existing processes, standards, life cycle models, frameworks, and methodologies that support or could support secure software development. Where applicable and possible, some evaluation or judgment is provided. 

The target audience for this technical note includes software engineering process group (SEPG) members, software developers, and managers seeking information about existing software development life cycle (SDLC) processes that address security.