Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mapping the Software Assurance Landscape: A Guide to What’s Going On In the Community Sean Barnum.

Published byJemima Gilmore Modified over 8 years ago

Similar presentations

Presentation on theme: "Mapping the Software Assurance Landscape: A Guide to What’s Going On In the Community Sean Barnum."— Presentation transcript:

1 Mapping the Software Assurance Landscape: A Guide to What’s Going On In the Community Sean Barnum

2 © 2006 Cigital Inc. All Rights Reserved. 2 So Tell Us About What’s Going On in SwA

3 © 2006 Cigital Inc. All Rights Reserved. 3 Software Assurance Landscape Paper The landscape paper is intended to:  Draw a somewhat broad picture of the organizations and efforts of the software assurance landscape  Identify and describe various knowledge resources being developed and made available by these efforts  Describe and explore how many of these efforts and knowledge resources are actually mutually supportive, well aligned, and complimentary  Identify gaps and opportunities in the current landscape Structure  Intro & Purpose of Landscape  Brief overview and scoping of “Software Assurance”  Software Assurance State of the Art/Practice Summary  Software Assurance Landscape Index  Software Assurance Domain Summaries  Graphical Representations of Landscape  Software Assurance Knowledge, Activities and Initiatives  Targeted Capabilities  Software Assurance Roadmap

4 © 2006 Cigital Inc. All Rights Reserved. 4 Landscape Index Objective: Present full list of organizations, activities and knowledge in an organized taxonomy to more easily identify items of interest Key Domains  Communities & Leadership  Developing and Maintaining Software-based Systems  Operation and Maintenance of Systems and Networks  Evaluating, Certifying, Reviewing, and Monitoring Compliance of Software-base Systems  Formalization and Enabling Technologies for Implementing Security Guidelines and Specifications  Research & Development (R&D)  Education  Acquisition & Marketing  Forums, Conferences, Colloquia, Working Groups, etc.

5 © 2006 Cigital Inc. All Rights Reserved. 5 Domain Summaries & Graphical Representations Domain Summaries Objective: Prose descriptions of each organization, activity and knowledge resource along with explanations of the relationships between them A good place to start Graphical Representations Objective: Present single picture overviews of the interrelationships between elements of a given type Currently complete: Knowledge To be created: Organizations & Activities

6 © 2006 Cigital Inc. All Rights Reserved. 6 SwA Efforts in Context

7 © 2006 Cigital Inc. All Rights Reserved. 7 Software Assurance Knowledge, Activities and Initiatives Enumerated list of all of the identified organizations, activities and knowledge Each entry includes:  A very brief description of the element  Links and references to where you can go to learn more  Who is sponsoring or leading  Eventually, descriptions of how this element is related to other elements in the enumeration

8 © 2006 Cigital Inc. All Rights Reserved. 8 Targeted Capabilities & SwA Roadmap Targeted Capabilities outlines capabilities that the SwA community seeks to achieve with the elements of the landscape This listing helps to establish the beginnings of a framework for identifying gaps in the current landscape SwA Roadmap is intended to link to various specifically actionable roadmaps that may exist for filling identified gaps in the landscape

9 © 2006 Cigital Inc. All Rights Reserved. 9 Challenges & Future Plans Challenges How tightly to bound the landscape to software assurance Requires many different perspectives (noone knows it all) Gathering adequate details on such a large number and wide variety of organizations, activities and knowledge Keeping landscape current Future Plans Continue to flesh out and revise current content Identify new content and expand Eventually deploy as a website

10 © 2006 Cigital Inc. All Rights Reserved. 10 Opportunities for Involvement Need your assistance with identifying other relevant topics of interest Need your assistance with identifying other relevant organizations, activities and knowledge Need your assistance with descriptive detail for each organization, activity or knowledge entry Need your perspective on how to make this more valuable Need your assistance in spreading the word To get involved, email Sean (sbarnum@cigital.com) or Bob (ramartin@mitre.org)sbarnum@cigital.comramartin@mitre.org

Download ppt "Mapping the Software Assurance Landscape: A Guide to What’s Going On In the Community Sean Barnum."

Similar presentations

What is an M and E Plan?. Organizing the Work of M and E An M and E System -- the 12 components as a whole – Sets out broad vision at national level An.

What is an M and E Plan?. Organizing the Work of M and E An M and E System -- the 12 components as a whole – Sets out broad vision at national level An.
Succession and talent management

Succession and talent management
Identifying enablers & disablers to change

Identifying enablers & disablers to change
Building an Operational Enterprise Architecture and Service Oriented Architecture Best Practices Presented by: Ajay Budhraja Copyright 2006 Ajay Budhraja,

Building an Operational Enterprise Architecture and Service Oriented Architecture Best Practices Presented by: Ajay Budhraja Copyright 2006 Ajay Budhraja,
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
How to Document A Business Management System

How to Document A Business Management System
S&I Framework Provider Directories Initiative esMD Work Group October 19, 2011.

S&I Framework Provider Directories Initiative esMD Work Group October 19, 2011.
Monday, June 01, 2015 Aligning Business Strategy with IT Architecture Board & Governance- Key to Running IT as Business.

Monday, June 01, 2015 Aligning Business Strategy with IT Architecture Board & Governance- Key to Running IT as Business.
Planning and Strategic Management

Planning and Strategic Management
8/28/2005ECEN5543 Req Elicitation1 Targets of Requirements Engineering ECEN 5543 SW Engineering of Standalone Programs University of Colorado, Boulder.

8/28/2005ECEN5543 Req Elicitation1 Targets of Requirements Engineering ECEN 5543 SW Engineering of Standalone Programs University of Colorado, Boulder.
Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 

Unit 8: Tests, Training, and Exercises Unit Introduction and Overview Unit objectives:  Define and explain the terms tests, training, and exercises. 
Division of School Effectiveness1 Common Core State Standards: Transitioning from Awareness to Implementation December 1, 2011 Rutledge Conference Center.

Division of School Effectiveness1 Common Core State Standards: Transitioning from Awareness to Implementation December 1, 2011 Rutledge Conference Center.
Planning and Strategic Management

Planning and Strategic Management
Planning and Strategic Management

Planning and Strategic Management
Enterprise Architecture

Enterprise Architecture
Chicagoland IASA Spring Conference

Chicagoland IASA Spring Conference
Developing Enterprise Architecture

Developing Enterprise Architecture
Www.imanetwork.org IMA CIM Overview. www.imanetwork.org IMA Mission “Provide a knowledge-sharing platform for business professionals where proven Internet.

IMA CIM Overview. IMA Mission “Provide a knowledge-sharing platform for business professionals where proven Internet.
© 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley 1 Context of Software Product Design.

© 2007 Pearson Education, Inc. Publishing as Pearson Addison-Wesley 1 Context of Software Product Design.
1 SCIP Africa Summit | October 13 - 15, 2014 Firefighters to Futurists SCIP Africa Summit October 2014 Butterfly Effect Intelligence™: Stuart Maclachlan.

1 SCIP Africa Summit | October , 2014 Firefighters to Futurists SCIP Africa Summit October 2014 Butterfly Effect Intelligence™: Stuart Maclachlan.

Similar presentations

Ads by Google