Process Improvement Should Link to Security: SEPG 2007 Security Track Recap

Security is a very visible issue these days for software. New software products are continuously reported to be vulnerable to attack and compromise; organizations must support an expensive unending update-and-upgrade cycle. Process improvement has been proposed as a mechanism for addressing security challenges, but the Capability Maturity Model Integration (CMMI) approach does not specifically address security, so the linkages for the Software Engineering Process Group (SEPG) community are unclear. The security track at the SEPG 2007 conference was developed to provide a forum for identifying the appropriate ties between process improvement and security. This document summarizes the content shared at the conference and identifies several subsequent steps underway toward strengthening those ties.

PDF [269 KB]

Author

Carol Woody

This report is related to the following area(s) of work:

Security and Survivability

Technical Note
CMU/SEI-2007-TN-025
September 2007

Cite This Report

SEI:

Woody, Carol; Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Software Engineering Institute, Carnegie Mellon University, 2007. http://www.sei.cmu.edu/library/abstracts/reports/07tn025.cfm

IEEE:

C. Woody, "Process Improvement Should Link to Security: SEPG 2007 Security Track Recap," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2007-TN-025, 2007. http://www.sei.cmu.edu/library/abstracts/reports/07tn025.cfm

APA:

Woody, C., (2007). Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Retrieved May 18, 2013, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/07tn025.cfm

CHI:

Woody, Carol, Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (CMU/SEI-2007-TN-025). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007. http://www.sei.cmu.edu/library/abstracts/reports/07tn025.cfm

MLA:

Woody, C., 2007. Process Improvement Should Link to Security: SEPG 2007 Security Track Recap (Technical Report CMU/SEI-2007-TN-025). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/07tn025.cfm

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.