Software Assurance (2020)

From CyberEdWiki

The intent of the Software Assurance Knowledge Unit is to provide students with the ability to describe why software assurance is important to the development of secure systems and describe the methods and techniques that lead to secure software.


After completing the KU, students will be able to:

  1. Apply security design principles.
  2. Describe how system design and architecture affect security.
  3. Create a system design optimized to meet appropriate security requirements.
  4. Apply modeling and vulnerability assessment to create a secure design.
  5. Explain the importance of Design Reviews in creating secure systems.


  1. Describe examples of the application of Security Principles:
    1. Separation (of domains)
    2. Isolation
    3. Encapsulation
    4. Least Privilege
    5. Simplicity (of design)
    6. Minimization (of implementation)
    7. Fail Safe Defaults / Fail Secure
    8. Modularity
    9. Layering
    10. Least Astonishment
    11. Open Design
    12. Usability
    13. Reduce attack surfaces
  2. Compare and contrast the security of alternative designs
  3. Review Secure Design Patterns
  4. Evaluate the level of security required for system data.
  5. Apply Life of Data - N-order Scope Map
  6. Create an Audit Trail
  7. Apply modeling techniques and vulnerability mapping to evaluate potential security issues.
  8. Increase Resiliency
  9. Design reviews


NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Original Knowledge Unit

Further reading

Suggested textbooks

Suggested academic readings

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID