Life-Cycle Security (2020)

From CyberEdWiki

The intent of the Life-Cycle Security Knowledge Unit is to provide students with an understanding of how security principles can be applied to improve security throughout the system or product life-cycle.

Outcomes

To complete this KU, students should be able to:

  1. Describe the importance of secure software, and the programming practices and development processes and methodologies that lead to secure software.
  2. List and describe the phases of the system life-cycle, and explain the security-related concerns at each phase.
  3. List and describe the elements of a maturity model.

Topics

  1. System Life-Cycle Phases and Issues
    1. Initiation
    2. Requirements
    3. Design
    4. Development
    5. Testing
    6. Deployment
    7. Operations and Maintenance
    8. Disposal
  2. Vulnerability Mapping, Management, and Traceability
  3. Threat Modeling
  4. Software Assurance Maturity Model
  5. Role of Project/Program Management
  6. Role of Process Management
  7. Importance of Culture and Training
  8. Development Processes and Paradigms
  9. Configuration Management
  10. Developmental Threats

Skills

NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Original Knowledge Unit

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials

Contacts

Reference ID

LCS