Life-Cycle Security (2019)

From CyberEdWiki
Jump to: navigation, search

The intent of the Life-Cycle Security Knowledge Unit is to provide students with an understanding of how security principles can be applied to improve security throughout the system or product lifecycle.

Outcomes

To complete this KU, students should be able to:

  1. Describe the importance of secure software, and the programming practices and development processes and methodologies that lead to secure software.
  2. List, describe the phases of the system life-cycle, and explain security related concerns at each phase.
  3. List and describe the elements of a maturity model.

Topics

  1. System Life-Cycle Phases and Issues
    1. Initiation
    2. Requirements
    3. Design
    4. Development
    5. Testing
    6. Deployment
    7. Operations and Maintenance
    8. Disposal
  2. Vulnerability Mapping, Management, and Tracability
  3. Threat modeling
  4. Software Assurance Maturity Model
  5. Role of Project/Program Management
  6. Role of Process Management
  7. Importance of Culture and Training
  8. Development Processes and Paradigms
  9. Configuration Management
  10. Developmental Threats

Categories

Specialization Areas

See also

Related Knowledge Units

Original Knowledge Unit

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials

Contacts

Reference ID

LCS