Secure Software Workforce Development Panel Session

Slides:



Advertisements
Similar presentations
© 2012 Carnegie Mellon University Panel: Growing the Skills Required for Trustworthy Software Software Engineering Institute Carnegie Mellon University.
Advertisements

Carnegie Mellon University Software Engineering Institute CERT® Knowledgebase Copyright © 1997 Carnegie Mellon University VU#14202 UNIX rlogin with stack.
© 2013 Carnegie Mellon University UFO: From Underapproximations to Overapproximations and Back! Arie Gurfinkel (SEI/CMU) with Aws Albarghouthi and Marsha.
© 2013 Carnegie Mellon University The Software Assurance Competency Model: A Roadmap to Enhance Personal Professional Capability Software Engineering Institute.
© 2011 Carnegie Mellon University System of Systems V&V John B. Goodenough October 19, 2011.
Why Computing? Single most important skill for the 21 st century (and beyond) Computing ≠ Programming Skills for enabling technology Solving Problems!
© 2013 Carnegie Mellon University Academy for Software Engineering Education and Training, 2013 Session Architect: Tony Cowling Session Chair: Nancy Mead.
© 2013 Carnegie Mellon University Measuring Assurance Case Confidence using Baconian Probabilities Charles B. Weinstock John B. Goodenough Ari Z. Klein.
© Carnegie Mellon University The CERT Insider Threat Center.
Cyber Education Project Accreditation Committee November 2014.
Flexible Information Literacy Alternatives for Independent Learners Suzanne Hayes March 17, 2003 Copyright Suzanne Hayes This work is the intellectual.
Department of Mathematics and Computer Science
A Definition of Distance Education Distance education is a formal educational process in which the majority of the learning occurs when student and instructor.
1 Exploring NSF Funding Opportunities in DUE Tim Fossum Division of Undergraduate Education Vermont EPSCoR NSF Research Day May 6, 2008.
© 2011 Carnegie Mellon University Should-Cost: A Use for Parametric Estimates Additional uses for estimation tools Presenters:Bob Ferguson (SEMA) Date:November.
Overview of the Rose-Hulman Bachelor of Science in Software Engineering Don Bagert SE Faculty Retreat – New Faculty Tutorial August 23, 2005.
The Survivable Network Analysis Project: Project Introduction Nancy R. Mead CERT/Coordination Center Software Engineering Institute Carnegie Mellon University.
Mohammad Alshayeb 19 May Agenda Update on Computer Science Program Assessment/Accreditation Work Update on Software Engineering Program Assessment/Accreditation.
Industry Advisory Board Department of Computer Science.
4 August st Century Computing Curricula 1 Richard J. LeBlanc, Jr. Professor, College of Computing Georgia Institute of Tech nology Atlanta, Georgia,
Associate Degree Nursing
Design and Development Awards Spring 2015 TLOS Networked Learning Design and Strategies (NLDS)
1 WIA Youth Common Measures Webinar Attainment of a Degree or Certificate January 19, :00 am – 11:00 am.
Ipek Ozkaya, COCOMO Forum © 2012 Carnegie Mellon University Affordability and the Value of Architecting Ipek Ozkaya Research, Technology.
The Accreditation: The Policies on Distance Learning.
OSE2 - 1 Introduction to Software Engineering Professional Issues SWENET OSE2 Module June 2003 Developed with support from the National Science Foundation.
Texas Technology Applications Standards
Guide to the Software Engineering Body of Knowledge Chapter 1 - Introduction.
© 2010 Carnegie Mellon University Team Software Process.
AFCEA/AFA July 23,  There are 35 colleges and universities across the state that are members of the University System of Georgia.  All of them.
The Guide to the Software Engineering Body of Knowledge
IT Education in Serbia Prof. Dr. Ivan Milentiejvic
LiveDist: Real-Time Distribution of Databases, with High-Volume of Updates Dynamic and selective distribution of a central or distributed database, to.
Author Software Engineering Institute
MCCWDTA OER Repository Implementation Barbara Treacy, Education Development Center August 20, 2014 This work is licensed under a Creative Commons 3.0 License.
Computer Engineering Department (KFUPM) Computer Engineering Department Sadiq M. Sait College of Computer Sciences and Engineering.
Accreditation Update and Institutional Student Learning Outcomes Deborah Moeckel, SUNY Assistant Provost SCoA Drive in Workshops Fall 2015
CSCE 824 Secure (and Distributed) Database Management Systems FarkasCSCE
Spring 2013 OMSP Request For Proposal. The purpose of this PowerPoint is to highlight critical components of the Request for Proposals that have historically.
Department of Mathematics and Computer Science
1 A Mature Profession Of Software Engineering A Mature Profession Of Software Engineering Ye Yint Win EC Member (Myanmar Computer Scientist Association)
1 CERT BFF: From Start To PoC June 09, 2016 © 2016 Carnegie Mellon University This material has been approved for public release and unlimited distribution.
Industry Advisory Board
MS in IT Auditing, Cyber Security, and Risk Assessment
Data Science: What It Is and How It Can Help Your Company
A Scorecard for Cyber Resilience: What We Have Observed
PhD at CSE: Overview CSE department offers Doctoral degree in the Computer Science (CS) or Computer Engineering areas (CpE) at both MS to PhD and BS to.
David Svoboda & Aaron Ballman
Author Software Engineering Institute
Michael Spiegel, Esq Timothy Shimeall, Ph.D.
Computational Design In Search of Design Excellence
Process Maturity Profile
Computer-Based General education delivery system
Post-Doctoral Trainee Senior Professional Research Staff Staff
Perkins 101 Review Carl D. Perkins Career and Technical Education Improvement Act of 2006 Purpose and Expectations Act aims to increase the quality of.
GRADUATE PROGRAM COORDINATOR GRADUATE CURRICULUM SERIES
Implementation of the No Child Left Behind (NCLB) Highly Qualified Teacher & Paraprofessional Requirements December 2010.
Metrics-Focused Analysis of Network Flow Data
Technology, Careers, and Job Hunting
“Information Technology” Certificate
ACM/IEEE-CS Computer Science Curriculum
CSCE 606: Licensing and Software Engineering Code of Ethics
Department of Computer Science The University of Texas at Dallas
Threat Trends and Protection Strategies Barbara Laswell, Ph. D
Student Activities Centralized Training
Dynamic Cyber Training with Moodle
Industrial Experience (INEX) CSSE Graduate Student Orientation Session
Thursday, January 17, :30-4:30 p.m.
Kingdom of Saudi Arabia
Developing Useful Metrics
Presentation transcript:

Secure Software Workforce Development Panel Session Nancy R. Mead SEI Fellow and Principal Researcher

Copyright 2017 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. DM-0004332

Software Assurance (SwA) Curriculum Project

Definition of Software Assurance Author Software Engineering Institute Definition of Software Assurance 12/7/2017 We use the following definition of software assurance: Application of technologies and processes to achieve a required level of confidence that software systems and services function in the intended manner, are free from accidental or intentional vulnerabilities, provide security capabilities appropriate to the threat environment, and recover from intrusions and failures. We are big on definitions, and the definition of software assurance is one that we have carried throughout our curriculum work, and is similar to the CNSS definition. Although software assurance is clearly broader than security, our focus has been on security and on quality, which is related to security, and not so much on safety, performance, and other quality factors.

Software Assurance (SwA) Curriculum Project Initially sponsored by the Department of Homeland Security (DHS) National Cyber Security Division (NCSD) Goals Develop software assurance curricula. Define transition strategies for future implementation. Not just SEI/CMU but faculty who have been associated with Software Engineering Curricular development (IEEE, ACM, etc) from other Universities; Also ISC2 with respect to security As connectivity grows, we must consider the large-scale, highly networked, software-dependent systems upon which all of our critical infrastructure relies—from phones to power, to water, to industries such as banking, medicine, and retail. .

Timeline Goals: Develop software assurance curricula Define transition strategies for implementation Community Outreach 20+ published papers 7 SEI reports 20+ talks, webinars, podcasts, media Thousands of downloads LinkedIn group of 500+ members Course materials and videos Integrated Into Course Offerings Carnegie Mellon University Stevens Institute of Technology US Air Force Academy University of Detroit Mercy University of Houston (ISC)2 Transition Degree offerings Polytechnic U. of Madrid– full MSwA Fall 2014 Illinois Central College Community College Program Fall 2015 SwA Courses Assurance Management Assured Software Development 1 exec course practitioner version of ASD1 SEI SwA Certificate Program under development in 2017 August 2010 March 2011 Fall 2011 2012 March 2013 Master of Software Assurance Reference Curriculum Undergraduate Course Outlines MSwA Syllabi Community College Education Competency Model Professional Society Recognition

Objectives Improve the state of software assurance education. Develop a Master of Software Assurance Reference Curriculum (Volume I). Identify educational offerings at other levels: undergraduate (Volume II) MSwA syllabi (Volume III) Community College (Volume IV) integration with IS curricula (SEI report) SwA Competency Model “A reference curriculum is a set of outcomes, entrance expectations, architecture, and a body of knowledge that provide guidance for faculty who are designing and updating their programs. That guidance is intentionally flexible so that faculty can adopt and adapt it based on local programmatic needs. A reference curriculum is not intended to be used directly for program certification or accreditation.” (from GSwE 2009 v1, page v [iSSEc 2009] ) [iSSEc 2009] Integrated Software & Systems Engineering Curriculum (iSSEc) Project. Graduate Software Engineering 2009 [GSwE2009] Curriculum Guidelines for Graduate Degree Programs in Software Engineering, Version 1.0. Stevens Institute of Technology, 2009. © 2010 Carnegie Mellon University

Audiences Faculty responsible for design, development, and maintenance of degree programs focusing on software assurance knowledge and practices Those in development and acquisition organizations responsible for either staffing positions in software assurance providing current software engineers with increased software assurance capabilities Those who assess software assurance oriented programs The primary audience for the MSwA2010 curriculum is faculty who are responsible for designing, developing, and maintaining graduate software engineering programs that have a focus on software assurance knowledge and practices. In addition, the MSwA2010 project provides a view of software assurance education that will interest those in development and acquisition organizations who have responsibility for staffing positions in software assurance and for providing their software engineers with increased software assurance capabilities. Although it is not intended to be the basis for accreditation (or certification), it may be useful as a reference for curriculum assessment. © 2010 Carnegie Mellon University

Book Published in Late 2016 Search for the book on informit.com.

Community College Program

SwA Curriculum Community College Recommendations Volume IV in the SwA Education Curriculum Reports Modifications to Computer Science I, II, and III Additional recommended courses Introduction to Computer Security Secure Coding Introduction to Assured Software Engineering SwA Curriculum webpage www.cert.org/curricula/software-assurance-curriculum.cfm

Timeline for the Community College and Industry Apprenticeship Program

Illinois Central College Implementation CS I: Programming in Java CS II: Programming in Java CS III: Advanced Programming in Java Structured Query Language Introduction to Relational Database C# Programming Mobile Application Programming Introduction to Computer Security Secure Coding Introduction to Assured Software Engineering Database Administration Structured System Analysis Two electives in computer programming, web, or networking, depending on employer needs General education courses (19 credit hours)

Contact Information Nancy R. Mead Software Engineering Institute 4500 Fifth Avenue Pittsburgh, PA 15213 nrm@sei.cmu.edu www.sei.cmu.edu/about/people/profile.cfm?id=mead_13121

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.