Appendix G. Measures from Lifecycle Activities, Security Resources, and Software Assurance Principles

Measures are selected to provide justification that the steps performed to build a software system or product sufficiently address software assurance. Sampling from each lifecycle phase is one approach to determining whether expectations are being met. Table G.1 provides examples of these measurements. Interviews with the resources responsible for addressing security can provide evidence; example questions to solicit useful data are listed in Table G.2.

Table G.1 Examples of Lifecycle-Phase Measures

Table G.2 Prototype Set of Questions for Software ...

Get Cyber Security Engineering: A Practical Approach for Systems and Software Assurance now with the O’Reilly learning platform.