Life-Cycle Security (2020)

From CyberEdWiki
Revision as of 22:07, 21 November 2019 by GeralynUH (Text replacement - "To complete this KU, students should be able to:" to "After completing the KU, students will be able to:")

The intent of the Life-Cycle Security Knowledge Unit is to provide students with an understanding of how security principles can be applied to improve security throughout the system or product lifecycle.


After completing the KU, students will be able to:

  1. Describe the importance of secure software, and the programming practices and development processes and methodologies that lead to secure software.
  2. List and describe the phases of the system life-cycle, and explain security-related concerns at each phase.
  3. List and describe the elements of a maturity model.


  1. System Life-Cycle Phases and Issues
    1. Initiation
    2. Requirements
    3. Design
    4. Development
    5. Testing
    6. Deployment
    7. Operations and Maintenance
    8. Disposal
  2. Vulnerability Mapping, Management, and Traceability
  3. Threat Modeling
  4. Software Assurance Maturity Model
  5. Role of Project/Program Management
  6. Role of Process Management
  7. Importance of Culture and Training
  8. Development Processes and Paradigms
  9. Configuration Management
  10. Developmental Threats


NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Original Knowledge Unit

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID