Cyber security engineering, a practical approach for systems and software assurance, Nancy R. Mead, Carol C. Woody
Type
Label
Cyber security engineering, a practical approach for systems and software assurance, Nancy R. Mead, Carol C. Woody
Language
eng
Bibliography note
Includes bibliographical references and index
Illustrations
illustrations
Index
index present
Literary Form
non fiction
Main title
Cyber security engineering
Nature of contents
bibliographydictionaries
Oclc number
1964633680
Responsibility statement
Nancy R. Mead, Carol C. Woody
Series statement
SEI series in software engineering
Sub title
a practical approach for systems and software assurance
Summary
Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments. Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements. This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure