SEI Series in Software Engineering: Cyber Security Engineering : A Foundation for Operational Security ebook MOBI, DOC
9780134189802 0134189809 Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments. Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements. This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure., This book brings together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security early and throughout the full lifecycles of both system development and acquisition. Pioneering software assurance experts Nancy R. Mead and Dr. Carol Woody present the latest practical knowledge and case studies, demonstrating strategies and techniques that have been repeatedly proven to reduce operational problems and the need for software patching. Using these methods, any software practitioner or manager can make system and software engineering decisions that are far more likely to achieve appropriate operational results. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, the authors introduce seven core principles of software assurance, and demonstrate how to apply them through all four key areas of cybersecurity engineering: Security and Software Assurance Engineering Security and Software Assurance Management Security and Software Assurance Measurement and Analysis Software Assurance Education and Competencies For each area, Mead and Woody present key standards, methods, services, tools, and best practices, illuminating these with relevant examples, references to research results, and additional resources. Each area's content is organized to demonstrate how all seven crucial software assurance principles can be addressed coherently and systematically. The authors complement their recommendations with deep insight into why they make sense, and practical guidance on determining whether each action is being performed successfully. Cyber Security Engineering: A Foundation for Operational Security will serve as the definitive modern reference and tutorial on the full range of capabilities associated with modern cybersecurity engineering. It may also be used as an accompanying text advanced academic courses and continuing education related to the operational security of software systems."
9780134189802 0134189809 Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments. Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements. This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure., This book brings together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security early and throughout the full lifecycles of both system development and acquisition. Pioneering software assurance experts Nancy R. Mead and Dr. Carol Woody present the latest practical knowledge and case studies, demonstrating strategies and techniques that have been repeatedly proven to reduce operational problems and the need for software patching. Using these methods, any software practitioner or manager can make system and software engineering decisions that are far more likely to achieve appropriate operational results. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, the authors introduce seven core principles of software assurance, and demonstrate how to apply them through all four key areas of cybersecurity engineering: Security and Software Assurance Engineering Security and Software Assurance Management Security and Software Assurance Measurement and Analysis Software Assurance Education and Competencies For each area, Mead and Woody present key standards, methods, services, tools, and best practices, illuminating these with relevant examples, references to research results, and additional resources. Each area's content is organized to demonstrate how all seven crucial software assurance principles can be addressed coherently and systematically. The authors complement their recommendations with deep insight into why they make sense, and practical guidance on determining whether each action is being performed successfully. Cyber Security Engineering: A Foundation for Operational Security will serve as the definitive modern reference and tutorial on the full range of capabilities associated with modern cybersecurity engineering. It may also be used as an accompanying text advanced academic courses and continuing education related to the operational security of software systems."