Secure Programming
secure software engineering methodology Mar 22 2004 01:42PM
Mads Rasmussen (mads opencs com br) (3 replies)
Re: secure software engineering methodology Mar 24 2004 05:39AM
Gabriel Sjoberg (xabbu cox net)
Re: secure software engineering methodology Mar 23 2004 01:24AM
Bill Weiss (houdini nmt edu) (1 replies)
Mads Rasmussen(mads (at) opencs.com (dot) br [email concealed])@Mon, Mar 22, 2004 at 10:42:49AM -0300:
>
> Do any of you have any experience with methodologies for software
> engineering of secure software?

I have some experience with the Cleanroom method, using the book "Toward
zero-defect programming" by Allan Stavely.

It has shown to be a reliable method for producing error free code. It is
not a method of developing any faster, you simply shift debugging time
(some of it after the software ships) to design time.

There is a decent review of the book at this site, which was written by
the teacher of the Cleanroom class I took:
http://www.nmt.edu/~shipman/reading/stavely.html

--
Bill Weiss

The reason the Poisson disk method of supersampling with jitter works is
monkeys.
-- Prof. John C. Hart, CS319 (Graphics II)
University of Illinois, Champaign-Urbana, IL

[ reply ]
Re: secure software engineering methodology Mar 23 2004 05:05PM
Mads Rasmussen (mads opencs com br)
Re: secure software engineering methodology Mar 23 2004 12:17AM
John Viega (viega securesoftware com)


 

Privacy Statement
Copyright 2010, SecurityFocus