Dan Shoemaker (University of Detroit Mercy)
University of Detroit Mercy
Publications by Dan Shoemaker (University of Detroit Mercy)
-
Model-Based Engineering for Supply Chain Risk Management
September 01, 2015 • Article
Dan Shoemaker (University of Detroit Mercy)Carol Woody
In this article, the authors discuss how model-based engineering (MBE) offers a means to design, develop, analyze, and maintain a complex system architecture.
read -
Software Assurance
May 07, 2014 • Book Chapter
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)Carol Woody
In this book chapter, the authors discuss modern principles of software assurance and identify a number of relevant process models, frameworks, and best practices.
read -
Foundations for Software Assurance
December 16, 2013 • White Paper
Carol WoodyNancy R. MeadDan Shoemaker (University of Detroit Mercy)
In this paper, the authors highlight efforts to address the principles of software assurance and its educational curriculum.
read -
Software Assurance Measurement – State of the Practice
November 29, 2013 • Technical Note
Dan Shoemaker (University of Detroit Mercy)Nancy R. Mead
In this report, the authors describe the current state of the practice and emerging trends in software assurance measurement.
read -
Teaching Security Requirements Engineering Using SQUARE
July 31, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Jeff Ingalsbe (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors detail the validation of a teaching model for security requirements engineering that ensures that security is built into software.
read -
Building Security into the Business Acquisition Process
July 02, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)
In this paper, Dan Shoemaker presents the standard process for acquiring software products and services in business.
read -
Finding a Vendor You Can Trust in the Global Marketplace
July 02, 2013 • White Paper
Art ConklinDan Shoemaker (University of Detroit Mercy)
In this paper, the authors introduce the concept of standardized third-party certification of supplier process capability.
read -
Integrating Software Assurance Knowledge into Conventional Curricula
May 23, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Jeff Ingalsbe (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors discuss the results of comparing the Common Body of Knowledge for Secure Software Assurance with traditional computing disciplines.
read -
Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going?
May 21, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)
In this paper, Dan Shoemaker describes existing professional certifications in information assurance and emerging certifications for secure software assurance.
read -
Models for Assessing the Cost and Value of Software Assurance
May 21, 2013 • White Paper
Antonio DrommiDan Shoemaker (University of Detroit Mercy)Jeff Ingalsbe (University of Detroit Mercy)
In this paper, the authors present IT valuation models that represent the most commonly accepted approaches to the valuation of IT and IT processes.
read -
Defining the Discipline of Secure Software Assurance: Initial Findings from the National Software Assurance Repository
May 21, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Jeff Ingalsbe (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors characterize the current state of secure software assurance work and suggest future directions.
read -
The Software Assurance Competency Model: A Roadmap to Enhance Individual Professional Capability
May 16, 2013 • White Paper
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)
In this paper, the authors describe a software assurance competency model that can be used by professionals to improve their software assurance skills.
read -
Building a Body of Knowledge for ICT Supply Chain Risk Management
May 16, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors propose a set of Supply Chain Risk Management (SCRM) activities and practices for Information and Communication Technologies (ICT).
read -
Getting Secure Software Assurance Knowledge into Conventional Practice
May 14, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors describe three educational initiatives in support of software assurance education.
read -
A Common Sense Way to Make the Business Case for Software Assurance
May 14, 2013 • White Paper
Antonio DrommiDan Shoemaker (University of Detroit Mercy)Jeff Ingalsbe (University of Detroit Mercy)
In this article, the authors demonstrate how a true cost/benefit for secure software can be derived.
read -
Two Nationally Sponsored Initiatives for Disseminating Assurance Knowledge
May 14, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors describe two efforts that support national cybersecurity education goals.
read -
Foundations for Software Assurance
May 14, 2013 • White Paper
Carol WoodyDan Shoemaker (University of Detroit Mercy)Nancy R. Mead
In this paper, the authors highlight efforts underway to address our society's growing dependence on software and the need for effective software assurance.
read -
It’s a Nice Idea but How Do We Get Anyone to Practice It? A Staged Model for Increasing Organizational Capability in Software Assurance
May 13, 2013 • White Paper
Dan Shoemaker (University of Detroit Mercy)
In this paper, Dan Shoemaker presents a standard approach to increasing the security capability of a typical IT function.
read -
Guest Editorial Preface for 2013 Special Issue of the International Journal of Secure Software Engineering
January 01, 2013 • Article
Nancy R. MeadIvan Flechais (University of Oxford)Dan Shoemaker (University of Detroit Mercy)
In this preface, the guest editors of this special edition provide a context for the articles that comprise the issue.
read -
Principles and Measurement Models for Software Assurance
January 01, 2013 • Book Chapter
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)Carol Woody
In this book chapter, the authors present a measurement model with seven principles that capture the fundamental managerial and technical concerns of development and sustainment.
read -
Integrating the Master of Software Assurance Reference Curriculum into the Model Curriculum and Guidelines for Graduate Degree Programs in Information Systems
February 01, 2011 • Technical Note
Dan Shoemaker (University of Detroit Mercy)Nancy R. MeadJeff Ingalsbe (University of Detroit Mercy)
In this report, the authors examine how the Master of Software Assurance Reference Curriculum can be used for a Master of Science in Information Systems.
read -
Secure Software Management Course Material
November 30, 2010 • Educational Material
Dan Shoemaker (University of Detroit Mercy)
This course teaches the fundamental organizing principles and control techniques delineated by the ISO/IEEE 12207 and the ISO 15288 standards.
read -
Guest Editorial Preface for 2010 Special Issue on Software Security Engineering Education
October 01, 2010 • Article
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)
In this preface, the authors describe the rest of the issue, which discusses how to bring software security education to the mainstream.
read -
Workshop: How to Get Started in Software Assurance Education
February 08, 2010 • Conference Paper
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)
In this workshop, software assurance education is introduced to faculty who are interested in adding these concepts to existing and new educational programs.
read -
Making the Business Case for Software Assurance
April 01, 2009 • Special Report
Nancy R. MeadJulia H. AllenW. Arthur Conklin
In this report, the authors provide advice for those making a business case for building software assurance into software products during software development.
read -
Novel Methods of Incorporating Security Requirements Engineering into Software Engineering Courses
January 01, 2009 • Book Chapter
Nancy R. MeadDan Shoemaker (University of Detroit Mercy)
In this book chapter, the authors describe methods of incorporating security requirements engineering into software engineering courses and curricula.
read