Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Development Security Chapter 10 Part 3 Pages 1108 to 1125.

Published byAron Neal Modified over 8 years ago

Similar presentations

Presentation on theme: "Software Development Security Chapter 10 Part 3 Pages 1108 to 1125."— Presentation transcript:

1 Software Development Security Chapter 10 Part 3 Pages 1108 to 1125

2 Software Security Best Practices Web Application Security Consortium (WASC) – Best security practices for the WWW – Figure 10-8 on page 1109 Open Web Application Security Project (OWASP) – https://www.owasp.org/index.php/Main_Page https://www.owasp.org/index.php/Main_Page – Top 10 2013

3 Software Security Best Practices Build Security In (BSI) – Department of Homeland Security – Best practices, guidelines, rules, principles Common Weakness Evaluation (CWE) – http://cwe.mitre.org/ http://cwe.mitre.org/ – Top 25 ISO/IEC 27034 Standard – Framework, application security management

4 Software Development Models Build and Fix – Little or no planning – Get the product out the door as fast as possible – Problems are dealt with when they occur – Not really a formal SDLC model Waterfall Model – Figure 10-9 on Page 1112

5 Software Development Models V-shaped model – Figure 10-10 on page 1113

6 Prototyping Rapid Prototyping – Build a prototype to test understanding – Is it feasible – User testing Evolutionary Prototypes – Incremental improvements – Evolves into the final product

7 Prototyping Operational Prototype – Implement in production environment – Update as customer feedback is gathered

8 Incremental Model Figure 10-11 on page 1115

9 Spiral Model Risk analysis Figure 10-12 on page 1116

10 RAD Rapid Application Development – Uses rapid prototyping instead of extensive upfront planning. – Accelerates the development process – Figure 10-13 on page 1117 Agile – Customer collaboration – More flexible and adaptable than Waterfall

11 CMMI Capability Maturity Model Integration Carnegie Mellon University Software Engineering Institute Figure on page 1121 Even Agile Compare vendors

12 Change Control Control changes to documentation, software, tests Roll back changes Who make the change Approval Multiple versions Software Configuration Management

Download ppt "Software Development Security Chapter 10 Part 3 Pages 1108 to 1125."

Similar presentations

SDLC – Beyond the Waterfall

SDLC – Beyond the Waterfall
The System and Software Development Process Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

The System and Software Development Process Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Prescriptive Process Models Developed to bring order and structure to the software development process. To get away from the chaos of most development.

Prescriptive Process Models Developed to bring order and structure to the software development process. To get away from the chaos of most development.
Lifecycle models For more info on these models – see text

Lifecycle models For more info on these models – see text
29 September 2014. Interactions  There is no “right answer”  Typically people and product are fixed  … can adapt process  (which is where we will.

29 September Interactions  There is no “right answer”  Typically people and product are fixed  … can adapt process  (which is where we will.
Approaches to Systems Development

Approaches to Systems Development
Unit 1, Lesson 4 Software Development Cycle AOIT Introduction to Programming Copyright © 2009–2012 National Academy Foundation. All rights reserved.

Unit 1, Lesson 4 Software Development Cycle AOIT Introduction to Programming Copyright © 2009–2012 National Academy Foundation. All rights reserved.
Software Process Models

Software Process Models
Sharif University of Technology Session # 3.  Contents  Systems Analysis and Design Sharif University of Technology MIS (Management Information System),

Sharif University of Technology Session # 3.  Contents  Systems Analysis and Design Sharif University of Technology MIS (Management Information System),
Chapter Extension 19 Alternative Development Techniques © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 19 Alternative Development Techniques © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Irwin/McGraw-Hill Copyright © 2000 The McGraw-Hill Companies. All Rights reserved Whitten Bentley DittmanSYSTEMS ANALYSIS AND DESIGN METHODS5th Edition.

Irwin/McGraw-Hill Copyright © 2000 The McGraw-Hill Companies. All Rights reserved Whitten Bentley DittmanSYSTEMS ANALYSIS AND DESIGN METHODS5th Edition.
1 SOFTWARE LIFE-CYCLES Beyond the Waterfall. 2 Requirements System Design Detailed Design Implementation Installation & Testing Maintenance The WATERFALL.

1 SOFTWARE LIFE-CYCLES Beyond the Waterfall. 2 Requirements System Design Detailed Design Implementation Installation & Testing Maintenance The WATERFALL.
Software lifecycle. CS351 - Software Engineering (AY2004)2 Software lifecycle “student view” Design & Specification Coding Testing (optional) Hand it.

Software lifecycle. CS351 - Software Engineering (AY2004)2 Software lifecycle “student view” Design & Specification Coding Testing (optional) Hand it.
Part 2: Requirements Days 7, 9, 11, 13 Chapter 2: How to Gather Requirements: Some Techniques to Use Chapter 3: Finding Out about the Users and the Domain.

Part 2: Requirements Days 7, 9, 11, 13 Chapter 2: How to Gather Requirements: Some Techniques to Use Chapter 3: Finding Out about the Users and the Domain.
Software Process CS 414 – Software Engineering I Donald J. Bagert Rose-Hulman Institute of Technology December 17, 2002.

Software Process CS 414 – Software Engineering I Donald J. Bagert Rose-Hulman Institute of Technology December 17, 2002.
Introduction to Systems Analysis and Design

Introduction to Systems Analysis and Design
1 These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 5/e and are provided with permission by.

1 These courseware materials are to be used in conjunction with Software Engineering: A Practitioner’s Approach, 5/e and are provided with permission by.
Software Development Life Cycle (SDLC)

Software Development Life Cycle (SDLC)
Tsvetelina Kovacheva, Quality Manager Musala Soft June 19, 2007 Implementing Models and Standards for Software Development Benefits and Risks.

Tsvetelina Kovacheva, Quality Manager Musala Soft June 19, 2007 Implementing Models and Standards for Software Development Benefits and Risks.
Carnegie Mellon University ©2006 - 2010 Robert T. Monroe 70-451 Management Information Systems Software Development Lifecycles (SDLC’s) 70-451 Management.

Carnegie Mellon University © Robert T. Monroe Management Information Systems Software Development Lifecycles (SDLC’s) Management.

Similar presentations

Ads by Google